Adds missing network and security configuration for storage accounts

[BlakeWills]

Adds the following options for configuring storage account network/security settings.

This PR closes #

The changes in this PR are as follows:

• Disabling public network access
• Restricting access to azure services without also specifying a subnet to restrict too.
• Disabling blob public access
• Disabling shared key access
• Defaulting to AAD auth in the portal instead of shared key access
• Changing the DNS endpoint type which allows you to create more than 250 storage accounts in a given subscription.

I have read the contributing guidelines and have completed the following:

• [x] Tested my code end-to-end against a live Azure subscription.
• [x] Updated the documentation in the docs folder for the affected changes.
• [x] Written unit tests against the modified code that I have made.
• [x] Updated the release notes with a new entry for this PR.
• [x] Checked the coding standards outlined in the contributions guide and ensured my code adheres to them.

If I haven't completed any of the tasks above, I include the reasons why here: N/A

Below is a minimal example configuration that includes the new features, which can be used to deploy to Azure:

let storageAcc = storageAccount {
    name "myaccount"

    // Creates the storage account using the azure dns endpoint, this cannot be used with private endpoints.
    //use_azure_dns_zone

    // completely disable public access
    disable_public_network_access

    disable_blob_public_access
    disable_shared_key_access
    default_to_oauth_authentication

    // restrict to private link + azure services - do not call disable_public_network_access
    //restrict_to_azure_services [NetworkRuleSetBypass.AzureServices]
}