rossifrancesco
Collaborator

This pull request improves the configuration and documentation for the CloudWatch metrics stream integration, focusing on clarifying when certain variables are required and enhancing validation logic. The changes ensure that variables related to role creation and authentication are only required when appropriate, and provide better error messages and documentation for users.

Variable validation improvements:

  • Updated the sysdig_aws_account_id and sysdig_external_id variables in both modules/cloud-watch-metrics-stream/variables.tf and examples/cloudwatch-metrics-stream-single-account/variables.tf to only require values when create_new_role is true, with improved validation and error messages.
  • Added validation to the secret_key variable to ensure that both secret_key and access_key_id are either set together or both left empty, preventing misconfiguration.
  • Enhanced descriptions for secret_key and access_key_id variables for clarity.

Resource adjustments:

  • Updated resource logic in main.tf to use secret_key and access_key_id to determine which sysdig_monitor_cloud_account resource to create, rather than relying on create_new_role.
  • Modified IAM role and policy resources in iam.tf to use the correct role name depending on whether a new role is being created.

@rossifrancesco rossifrancesco merged commit 90d7ecc into main Sep 11, 2025
1 check passed
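
The validation rules described in this pull request can be pictured with the following sketch. It is an added example, not the module's own code: the variable names come from the description above, while the types, defaults, `nullable`/`sensitive` settings and error messages are assumptions, and cross-variable references inside `validation` blocks require Terraform 1.9 or later.

```hcl
# Added illustration (not the repository's code). Types, defaults and
# messages are assumed; only the variable names come from the PR description.
terraform {
  required_version = ">= 1.9.0" # needed to reference other variables in validation
}

variable "create_new_role" {
  type    = bool
  default = false
}

variable "sysdig_aws_account_id" {
  type     = string
  default  = ""
  nullable = false

  validation {
    # Only required when the module creates the IAM role itself.
    condition     = !var.create_new_role || trimspace(var.sysdig_aws_account_id) != ""
    error_message = "sysdig_aws_account_id must be set when create_new_role is true."
  }
}

variable "sysdig_external_id" {
  type     = string
  default  = ""
  nullable = false

  validation {
    # The external ID is part of the role's trust policy, so an empty
    # value must be rejected whenever a new role is created.
    condition     = !var.create_new_role || trimspace(var.sysdig_external_id) != ""
    error_message = "sysdig_external_id must be set when create_new_role is true."
  }
}

variable "access_key_id" {
  type     = string
  default  = ""
  nullable = false
}

variable "secret_key" {
  type      = string
  default   = ""
  nullable  = false
  sensitive = true # keeps the value out of plan output (assumed setting)

  validation {
    # Both set or both empty; a half-configured key pair fails at plan time.
    condition     = (var.secret_key == "") == (var.access_key_id == "")
    error_message = "secret_key and access_key_id must be set together or both left empty."
  }
}
```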