New audit event: SSH key actions for namespace-specific users

Additional context in parent epic.

Audit need

Understanding when SSH keys are created, changed, or deleted helps to ensure users are complying with company policy and also can be used to identify unusual activity.

Proposal

Create a new audit event when:

• A new SSH key is created for a user
• An existing SSH key is changed for a user
• An existing SSH key is deleted for a user

This should only be surfaced for users that have been provisioned as enterprise users in the relevant top-level group.

• For users that are not part of that enterprise, do not surface the events.

Streaming audit event considerations

Only send as a streaming audit event, due to data volume potentially.