chore(terraform): update CKV_GCP_79 gcp postgres version to 16

[qdelettre]

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[//]: # "

PR Title

We use the title to create changelog automatically and therefore only allow specific prefixes
- break:    to indicate a breaking change, this supersedes any of the other types
- feat:     to indicate new features or checks
- fix:      to indicate a bugfix or handling of edge cases of existing checks
- docs:     to indicate an update to our documentation
- chore:    to indicate adjustments to workflow files or dependency updates
- platform: to indicate a change needed for the platform
Each prefix should be accompanied by a scope that specifies the targeted framework. If uncertain, use 'general'.
#    
Allowed prefixs:
ansible|argo|arm|azure|bicep|bitbucket|circleci|cloudformation|dockerfile|github|gha|gitlab|helm|kubernetes|kustomize|openapi|sast|sca|secrets|serverless|terraform|general|graph|terraform_plan|terraform_json
#
ex.
feat(terraform): add CKV_AWS_123 to ensure that VPC Endpoint Service is configured for Manual Acceptance

"

Description

Update CKV_GCP_79 terraform gcp for pgsql 16

Fixes #6689

New/Edited policies (Delete if not relevant)

Description

Change behavior for CKV_GCP_79 to support postgres 16

Checklist:

• [X] I have performed a self-review of my own code
• [X] I have commented my code, particularly in hard-to-understand areas
• [x] I have made corresponding changes to the documentation
• [x] I have added tests that prove my feature, policy, or fix is effective and works
• [x] New and existing tests pass locally with my changes

[lucaspierru-convelio]

Can someone approve? We need this to be merged and released ASAP please

[lucaspierru-convelio]

Hi @lucaspierru-convelio @qdelettre what is the reason for this change?

aren't we afraid that it may give False-positive for other customers which are still using "POSTGRES_15"?

The reason is the new release of PostgreSQL version 16 on GCP that makes this check outdated. Customers still using POSTGRES_15 are currently experiencing a false-negative and the ones using POSTGRES_16 a false-positive. Once this PR is merged, people still using v15 will need to either skip the check or add an inline ignore in their code, which's perfectly fine imo.

see: https://github.com/bridgecrewio/checkov/issues/6689

btw: I see there are still a lot of places that "POSTGRES_15" is still written

Indeed it's still present in the main.tf of the following paths:

tests/terraform/checks/resource/gcp/example_CloudPostgreSQLLogDisconnection/main.tf
tests/terraform/checks/resource/gcp/example_CloudPostgreSQLLogTemp/main.tf
tests/terraform/checks/resource/gcp/example_CloudPostgreSqlLogStatement/main.tf
tests/terraform/checks/resource/gcp/example_CloudSqlMajorVersion/main.tf
tests/terraform/checks/resource/gcp/example_GoogleCloudPostgreSqlEnablePgaudit/main.tf
tests/terraform/checks/resource/gcp/example_GoogleCloudPostgreSqlLogHostname/main.tf
tests/terraform/checks/resource/gcp/example_GoogleCloudPostgreSqlLogMinErrorStatement/main.tf
tests/terraform/graph/checks/resources/GCPMySQLdbInstancePoint_In_TimeRecoveryBackupIsEnabled/main.tf
tests/terraform/graph/checks/resources/GCPPostgreSQLDatabaseFlaglog_durationIsSetToON/main.tf
tests/terraform/graph/checks/resources/GCPPostgreSQLDatabaseFlaglog_executor_statsIsSetToOFF/main.tf
tests/terraform/graph/checks/resources/GCPPostgreSQLDatabaseFlaglog_parser_statsIsSetToOFF/main.tf
tests/terraform/graph/checks/resources/GCPPostgreSQLDatabaseFlaglog_planner_statsIsSetToOFF/main.tf
tests/terraform/graph/checks/resources/GCPPostgreSQLDatabaseFlaglog_statement_statsIsSetToOFF/main.tf 

@qdelettre Could you update this please as I don't have access to your branch? cheers :)