New Resource: Use of azuread_application_flexible_federated_identity_credential

[danquack]

In the AWS and GCP the runs phrase are wild-carded.

The Azure example has the same application for plan and apply, as Azure provider only supported fully qualify claims. However, just merged in, the provider will has support for FIC to allow for wildcard:

resource "azuread_application_flexible_federated_identity_credential" "plan_and_apply" {
  application_id             = azuread_application_registration.tfc_application.id
  claims_matching_expression = "claims['sub'] matches 'organization:${var.tfc_organization_name}:project:${var.tfc_project_name}:workspace:${var.tfc_workspace_name}:run_phase:*'"
  display_name               = "my-tfc-federated-credential"
  audience                   = var.tfc_azure_audience
  issuer                     = "https://app.terraform.io"
}