The credentials / identity designated for the pipelines may need to be different from the one used to deploy the ALM components.
It would be helpful if the user can supply a combination of parameters to use one of the following options:
A service ID that the new apikey should be generated for.
A literal value of the apikey (separate from the one used for deployment or provider configuration). E.g. Cloud Projects can reference a secret in a secrets manager, which would be resolved to the secret value when validating / deploying. The prereq module seems to have a parameter for that but it's not exposed at the top level.
A new apikey for the identity used with the provider (current behavior)
When using the module with `create_ibmcloud_api_key = true`, the new apikey always assumes the identity of the credentials used to run the terraform. In the context of a Cloud Project, that may lead to unintended results, especially when using trusted profiles authorization.
https://github.com/terraform-ibm-modules/terraform-ibm-devsecops-alm/blob/869f353d766be278f0f50ee2430a9b5a95523dcf/prereqs/main.tf#L86