Support AWS CloudFront multi-tenant distributions (distribution tenants + connection groups)

[harneeth5]

The AWS CloudFront “multi-tenant distribution” feature (with distribution tenants and connection groups) allows you to use a “template” distribution configuration and then create tenant distributions that inherit the configuration, customizing only certain parameters per tenant.
AWS Documentation

This is useful in SaaS or multi-tenant platforms: you can share base behavior/origin/security settings, and let each tenant override certificate, domain name (alias), origin path, etc., without fully duplicating all configuration.
AWS Documentation

Currently, the terraform-aws-cloudfront module supports creating a single CloudFront distribution (with multiple origins, cache behaviors, etc.).
GitHub
It does not appear to support the newer multi-tenant constructs (connection groups, distribution tenants).

I propose adding support for multi-tenant distributions in this module, so end users can:

Create a “template / multi-tenant distribution” resource (non-routable)

Specify shared configuration (origins, cache behaviors, security, etc.)

Create multiple “tenant distributions” referencing the template, optionally overriding a small subset of settings (aliases, certificate, origin path, WAF ACL, etc.)

Possibly manage the connection group resource (or let it be implicitly created)

Provide constraints so unsupported features (for multi-tenant) are either disabled or validated

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions]

This issue was automatically closed because of stale in 10 days