test(e2e): Add support for Vault LDAP testing

[moduli]

Description

This PR updates e2e test infra to have LDAPS configured in support of Vault LDAP + RDP testing. This PR does the following (vault could not communicate with Active Directory on the domain controller unless LDAPS was configured)

• updates the vault version we use in the aws-vault module so that it includes the vault ldap engine feature
• updates security group and firewall rules to allow LDAPS communication
• adds a script to the domain controller to set up LDAPS in Active Directory

Testing Notes

> enos scenario launch e2e_aws_rdp_base builder:local client:win10 rdp_server:2022 kerberos_only:false
> enos scenario output e2e_aws_rdp_base builder:local client:win10 rdp_server:2022 kerberos_only:false

• Navigate to ${vault_address_public}:8200
  • Log in with ${vault_root_token}
• Enable the vault ldap secrets engine
  • secrets engine -> enable new engine -> ldap -> enable engine
• Edit configuration
  • administrator distinguished name: cn=Administrator,cn=Users,dc=mydomain,dc=com
  • administrator password: ${rdp_domain_controller_admin_password}
  • URL: ldaps://[${rdp_domain_controller_ipv6}]:636
  • TLS Options: Insecure TLS
• Create Role
  • Role Name: VaultLDAP
  • Distinguished Name: cn=VaultLDAP,cn=Users,dc=mydomain,dc=com
  • Username: VaultLDAP
  • Rotation Period: anything

If these steps are successful, then everything is set up corectly

PCI review checklist

• I have documented a clear reason for, and description of, the change I am making.
• If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
• If applicable, I've documented the impact of any changes to security controls.
  Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

https://hashicorp.atlassian.net/browse/ICU-17930