
Add GCP IAM conditions fixtures #2113

Open

DENGXUELIN wants to merge 1 commit into UnitOneAI:main from DENGXUELIN:improve/gcp-iam-conditions-fixtures-1727

Conversation

@DENGXUELIN


/claim #1727

Summary

Adds fixture-backed IAM Conditions and time-bound access evidence handling to gcp-review.

Changes include:

  • adds GCP-IAM-COND-01 through GCP-IAM-COND-08 for binding inventory, CEL condition evidence, enforceable expiry, scoped conditions, unsupported basic/public grants, break-glass governance, drift/expiry monitoring, and evidence confidence
  • adds a supplemental IAM Conditions evidence output table
  • extends the GCP benchmark checklist with Terraform examples, gcloud/Cloud Asset evidence commands, review checks, and unsupported basic/public grant guidance
  • adds benign/vulnerable Terraform fixtures for enforceable temporary/scoped/break-glass IAM Conditions versus permanent comments, manual reminders, basic/public grants, and weak scope conditions

Why

The existing #1728 and #1729 PRs add useful skill/checklist guidance, but neither adds local regression fixtures. This PR keeps the fix skill-local and adds concrete benign and vulnerable Terraform examples so future reviews distinguish deployed IAM Conditions from ticket-only or unsupported conditional-access claims.

Validation

  • git diff --check origin/main...HEAD
  • Markdown fence-balance check for modified files
  • Marker check for GCP-IAM-COND-01 through GCP-IAM-COND-08, IAM Conditions and Time-Bound Access Evidence, request.time < timestamp, allAuthenticatedUsers, roles/owner, roles/editor, roles/viewer, configuring-temporary-access, and version: "1.0.1"
  • Terraform fixture marker check for temporary/scoped/break-glass conditions, drift monitoring, permanent editor access, service account token creator access, public viewer access, and weak scope conditions
  • Added-line ASCII scan
  • Added-line sensitive/public-contact pattern scan
  • git merge-tree --write-tree origin/main HEAD

Bounty

I have read and agree to the CONTRIBUTING.md bounty terms. Requested Improver Moderate tier if accepted.
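The fixtures described in this PR hinge on one distinction: a binding whose expiry or scope is enforced by a CEL condition in the deployed policy, versus a grant that is only "temporary" in a comment or ticket, or that cannot carry a condition at all (basic roles, allUsers/allAuthenticatedUsers). The checker below is an added example, not code from this PR or from the gcp-review skill. It reads the JSON shape returned by `gcloud projects get-iam-policy PROJECT --format=json` and labels each binding the way a reviewer would; the sample policy, principals, project names and the reference time are constructed for the example.

```python
"""Classify GCP IAM bindings by the kind of access evidence they carry.

Added example (not part of the PR). Input is the JSON emitted by
`gcloud projects get-iam-policy PROJECT --format=json`; every binding is
labelled as PUBLIC_GRANT, BASIC_ROLE, EXPIRED, TIME_BOUND, SCOPED or
UNCONDITIONAL. The sample policy below is constructed.
"""
import json
import re
from datetime import datetime

BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
# CEL expiry form the checklist keys on: request.time < timestamp("2024-11-20T00:00:00Z")
EXPIRY_RE = re.compile(r'request\.time\s*<\s*timestamp\("([^"]+)"\)')
# Resource-scoping attributes; a binding with only these is scoped but not time-bound.
SCOPE_RE = re.compile(r'resource\.(name|service|type)\s*(==|\.startsWith\()')

# Constructed sample policy (hypothetical principals and project names).
SAMPLE_POLICY = json.dumps({
    "version": 3,
    "bindings": [
        # "permanent editor access"; a "# temporary, remove after migration" comment in
        # Terraform would not show up here, which is the point of the fixtures.
        {"role": "roles/editor", "members": ["user:alice@example.com"]},
        # public viewer grant: IAM does not accept a condition on this principal type
        {"role": "roles/viewer", "members": ["allAuthenticatedUsers"]},
        # break-glass token creator grant with an enforceable expiry
        {"role": "roles/iam.serviceAccountTokenCreator",
         "members": ["group:oncall@example.com"],
         "condition": {"title": "break-glass-2024-11",
                       "expression": 'request.time < timestamp("2024-11-20T00:00:00Z")'}},
        # resource-scoped, no expiry
        {"role": "roles/storage.objectViewer",
         "members": ["serviceAccount:etl@example-proj.iam.gserviceaccount.com"],
         "condition": {"title": "bucket-scoped",
                       "expression": 'resource.name.startsWith("projects/_/buckets/etl-input")'}},
        # predefined role with no condition at all
        {"role": "roles/compute.admin", "members": ["user:bob@example.com"]},
    ],
})


def _parse_ts(value):
    """Parse an RFC 3339 timestamp such as 2024-11-20T00:00:00Z into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def classify_binding(binding, now):
    """Return (status, detail) for one binding, evaluated at the reference time `now`."""
    role = binding["role"]
    members = set(binding.get("members", []))
    cond = binding.get("condition") or {}
    expr = cond.get("expression", "")
    if members & PUBLIC_MEMBERS:
        # Conditions cannot be attached to allUsers/allAuthenticatedUsers, so nothing
        # in a condition could mitigate this; it is a finding regardless of role.
        return "PUBLIC_GRANT", f"{role} granted to {sorted(members & PUBLIC_MEMBERS)}"
    if role in BASIC_ROLES:
        # Basic roles cannot carry IAM Conditions, so "temporary" is unenforceable here.
        return "BASIC_ROLE", f"{role} cannot carry a condition; use a predefined/custom role"
    match = EXPIRY_RE.search(expr)
    if match:
        expiry = _parse_ts(match.group(1))
        if expiry <= now:
            # Expired conditions still show up in the policy until someone removes
            # the binding; this is the drift/expiry-monitoring case.
            return "EXPIRED", f"{role} expired at {expiry.isoformat()} but binding remains"
        return "TIME_BOUND", f"{role} expires at {expiry.isoformat()}"
    if SCOPE_RE.search(expr):
        return "SCOPED", f"{role} scoped by condition: {expr}"
    return "UNCONDITIONAL", f"{role} has no enforceable condition"


def review_policy(policy_json, now_iso):
    """Return [(role, status, detail)] for every binding in a get-iam-policy JSON document."""
    now = _parse_ts(now_iso)
    policy = json.loads(policy_json)
    return [(b["role"], *classify_binding(b, now)) for b in policy.get("bindings", [])]


if __name__ == "__main__":
    for role, status, detail in review_policy(SAMPLE_POLICY, "2024-12-01T00:00:00Z"):
        print(f"{status:<14} {detail}")
```

The reference time is passed in rather than read from the clock so that the same policy snapshot produces the same verdicts in a regression run; in practice the caller would pass the time the evidence was collected. A binding that a Terraform comment calls "temporary" lands in UNCONDITIONAL or BASIC_ROLE here, which is exactly the gap between ticket-only claims and deployed IAM Conditions that the fixtures are meant to surface.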
