Prepare secrets manager policies for group secrets

Erick Bajaorequested to merge
eb-group-secrets-permissions into master

Related to #577342

This is the first MR based on the plan in !217485 (comment 2989161362).

The original MR was closed and will be split into 3 separate ones to help ease the review.

This is the first one which sets up the permissions for group secrets.

This also applies the suggestion from the groupauthorization reviewer to move all feature flag checks in the policy layer. So now we don't need to manually do this anymore in mutations and resolvers.

I also removed the checks for secrets manager active in policies, because the services do this already and I think is overkill for permissions.

Merge request reports