Allow reuse of dynamic group for instance_principal #20

@hyder

Creating a dynamic group requires a lot more privileges than most users have. Consequently, when instance_principal is enabled, and this module creates the dynamic group, it frequently fails because of the lack of privileges.

Instead of getting this repo to create the dynamic group for the operator, we should allow for one to be created by an authorised user and allow its reuse. The Terraform user would then need only:

  • use level privilege for dynamic groups in order to update it
  • manage level privilege for policies in the compartment where the policies will be created
