fix!: change default to false datawatch_encrypt_secrets_with_kms_enabled

The datawatch_encrypt_secrets_with_kms_enabled flag enables KMS
encryption in datawatch. As of 1.57.0 the feature is not yet GA, so
this value is being changed to false.

BREAKING CHANGE: If you are upgrading from 6.6.0 or later to 8.0.0,
and have application version greater than 1.57.0, then no action
will result in corruption of your data.

Recommendation: If upgrading from terraform version greater than 6.6.0
but less than 8.0.0, and have application version 1.58.0 or higher,
then you must set datawatch_encrypt_secrets_with_kms_enabled = true.
If your application version is less than 1.57.0, then no action is
required.

Downtime: Yes if you do not follow these instructions. Otherwise no.
If you encounter an error as part of this and yoru KMS key is
accidentally deleted, then please make sure you reinstate your
KMS key. KMS keys are only retained for a short period of time after
deletion, allowing for recovery, so make sure you recover any
accidentally KMS keys, otherwise your data will be irrecoverable.
Only application versions 1.58.0 or greater are at risk of this.

Steps: Upgrade to version 7.0.2, then set the
datawatch_encrypt_secrets_with_kms_enabled variable
to true, run terraform apply, and then upgrade to 8.0.0.

modules/bigeye/variables.tf

@@ -1382,9 +1382,9 @@ variable "datawatch_base_salt_secret_arn" {
 }
 
 variable "datwatch_encrypt_secrets_with_kms_enabled" {
-  description = "Flag for enabling KMS secret encryption. Setting this to false is not recommended unless KMS is not available in your AWS environment."
+  description = "Flag for enabling KMS secret encryption. Setting this value to false after it has been set to true is NOT supported and will break your installation."
   type        = bool
-  default     = true
+  default     = false
 }
 
 variable "datawatch_db_name" {