elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

[Cloud Security] rewrite `CspFindings` as discriminating union type #150210

Open JordanSh opened 1 year ago

JordanSh commented 1 year ago

After the changes introduced in CIS AWS, a finding can have different fields based on its posture type. We should rewrite the type for `CspFinding` as a discriminating union that uses the `rule.benchmark.posture_type` field as a discriminator. A posture type of `cspm` contains the `cloud` field, while `kspm` will contain the `cluster` field instead.

It's important to verify if the `cis_eks` can contain both fields; if that's the case, the `rule.benchmark.id` should be used as the discriminator.

elasticmachine commented 1 year ago

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

kfirpeled commented 1 year ago

Note that we need to support BC; for example, cloudbeat version 8.6 does not send findings with `posture_type` or `rule_number` fields.
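An added TypeScript sketch of the union proposed in the issue, including the backward-compatibility case raised in the comment above; it is not code from the Kibana repository or from anyone in this thread. Because the discriminator is nested under `rule.benchmark`, a plain property check does not narrow the union, so the sketch uses type guards. The interface names, field shapes, guards and `describeScope` are hypothetical, and the sample findings are constructed.

```typescript
// Hypothetical, heavily simplified shapes; the real finding type has many more fields.
interface CspmFinding {
  rule: { benchmark: { id: string; posture_type: 'cspm' } };
  cloud: { provider: string; account: { id: string } };
}
interface KspmFinding {
  rule: { benchmark: { id: string; posture_type: 'kspm' } };
  cluster: { id: string };
}
// Older cloudbeat documents carry no posture_type, so neither field is guaranteed
// (assumption: both are modelled as optional here).
interface LegacyFinding {
  rule: { benchmark: { id: string; posture_type?: undefined } };
  cloud?: { provider: string; account: { id: string } };
  cluster?: { id: string };
}
type CspFinding = CspmFinding | KspmFinding | LegacyFinding;

// The discriminator is nested, so narrowing goes through user-defined type guards.
const isCspm = (f: CspFinding): f is CspmFinding =>
  f.rule.benchmark.posture_type === 'cspm';
const isKspm = (f: CspFinding): f is KspmFinding =>
  f.rule.benchmark.posture_type === 'kspm';

// Returns a label for the asset a finding belongs to.
function describeScope(f: CspFinding): string {
  if (isCspm(f)) return `cloud:${f.cloud.provider}/${f.cloud.account.id}`;
  if (isKspm(f)) return `cluster:${f.cluster.id}`;
  // Legacy document: fall back to whichever field happens to be present.
  if (f.cluster) return `cluster:${f.cluster.id}`;
  if (f.cloud) return `cloud:${f.cloud.provider}/${f.cloud.account.id}`;
  return 'unknown';
}

// Constructed sample findings.
const cspmSample: CspFinding = {
  rule: { benchmark: { id: 'cis_aws', posture_type: 'cspm' } },
  cloud: { provider: 'aws', account: { id: '123456789012' } },
};
const kspmSample: CspFinding = {
  rule: { benchmark: { id: 'cis_k8s', posture_type: 'kspm' } },
  cluster: { id: 'cluster-a' },
};
const legacySample: CspFinding = {
  rule: { benchmark: { id: 'cis_k8s' } },
  cluster: { id: 'cluster-b' },
};
const bareLegacySample: CspFinding = { rule: { benchmark: { id: 'cis_k8s' } } };
```
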

tehilashn commented 1 year ago

@kfirpeled - should we remove the 8.8 label, since sprint 23 is the last one before the 8.8 feature freeze?

seanrathier commented 1 month ago

Moving this back into Todo and assigning to @JordanSh.

I am leaving the branch I created for @JordanSh to reference.