Automatically fall back to CSA mode for preview if SSA fails

[lblackstone]

SSA mode requires additional permissions that may not be desirable at the preview stage. The provider should support a fallback to CSA mode for preview if the SSA preview fails without requiring an explicit provider configuration change.

Motivating comment from another issue follows:

For some background we want to be able to run CSA previews (never up commands, those will all be SSA) so that users / less privileged bots can preview changes without having to have full permissions to do everything they are proposing ([a real limit with k8s SSA](.(*mockPlmRepo))). This is because we want to only give deployment permissions to our CD system + oncall engineers. Non-oncall engineers will still be able to propose changes, but those changes will have to be reviewed before being merged into main and deployed via the CD system. Having a preview is itself a very helpful tool in the review process to make sure unintended changes aren't being made, but we can't safely run a SSA preview on unreviewed code.

We realize that there may be some diffs between the 2 systems regarding fields that are actually shared via SSA, but we would expect to see no diffs for fields managed entirely by pulumi.

Originally posted by @henry-fn in #2378 (comment)

Related: #2213