
Update GCP Service Extensions documentation #28511

Open
wants to merge 6 commits into base: master

Conversation

Member

@e-n-0 e-n-0 commented Apr 1, 2025

What does this PR do? What is the motivation?

  • Add a new tab for installation with Terraform scripts
  • Rework categories (especially environment variable configuration)
  • Reword for better understandability
  • Add a note about opened ports

Merge instructions

Merge readiness:

  • Ready for merge

For Datadog employees:
Merge queue is enabled in this repo. Your branch name MUST follow the <name>/<description> convention and include the forward slash (/). Without this format, your pull request will not pass in CI, the GitLab pipeline will not run, and you won't get a branch preview. Getting a branch preview makes it easier for us to check any issues with your PR, such as broken links.

If your branch doesn't follow this format, rename it or create a new branch and PR.

To have your PR automatically merged after it receives the required reviews, add the following PR comment:

/merge

Additional notes

Contributor

github-actions bot commented Apr 1, 2025

@e-n-0 e-n-0 force-pushed the flavien/gcp-se-terraform-doc branch 2 times, most recently from 51e650d to 93dc471 Compare April 2, 2025 14:35
@e-n-0 e-n-0 force-pushed the flavien/gcp-se-terraform-doc branch from 93dc471 to 9a44642 Compare April 3, 2025 11:45
@e-n-0 e-n-0 marked this pull request as ready for review April 3, 2025 12:02
@e-n-0 e-n-0 requested a review from a team as a code owner April 3, 2025 12:02
@estherk15 estherk15 added the editorial review Waiting on a more in-depth review label Apr 3, 2025
@estherk15
Contributor

Created an Editorial Review card for documentation! https://datadoghq.atlassian.net/browse/DOCS-10554

Contributor

@domalessi domalessi left a comment


@e-n-0 Did a first pass and left some feedback and suggestions. Give that a read-through and let me know if you have any questions. Also let me know when you'd like me to take a second look!

Comment on lines +31 to +35
- The [Datadog Agent][1] installed and configured for your application's operating system or container, cloud, or virtual environment.
- [Configured the Agent with Remote Configuration][2] to enable blocking attackers using the Datadog UI.
- In your GCP project, either the project `owner` or `editor` role, or the relevant Compute Engine IAM roles: `compute.instanceAdmin.v1` (to create instances) and `compute.networkAdmin` (to set up load balancing).
- A GCP project with a Cloud Load Balancer configured for your services. Your Cloud Load Balancer must be one of the [Application Load Balancers that supports Traffic Callouts][3].
- The Compute Engine API and Network Services API enabled:
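Review bot: the prerequisites line offers the project-level `owner` or `editor` role as an equal alternative to the two Compute Engine roles (`compute.instanceAdmin.v1` to create instances and `compute.networkAdmin` to set up load balancing); since those two roles are stated to cover everything the setup needs, suggest presenting them as the recommended option and mentioning `owner`/`editor` only as a fallback, so readers are not steered toward running the setup with an over-privileged account.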
Contributor


Suggested change
- The [Datadog Agent][1] installed and configured for your application's operating system or container, cloud, or virtual environment.
- [Configured the Agent with Remote Configuration][2] to enable blocking attackers using the Datadog UI.
- In your GCP project, either the project `owner` or `editor` role, or the relevant Compute Engine IAM roles: `compute.instanceAdmin.v1` (to create instances) and `compute.networkAdmin` (to set up load balancing).
- A GCP project with a Cloud Load Balancer configured for your services. Your Cloud Load Balancer must be one of the [Application Load Balancers that supports Traffic Callouts][3].
- The Compute Engine API and Network Services API enabled:
- Installed and configured the [Datadog Agent][1] for your application's operating system or container, cloud, or virtual environment.
- [Configured Remote Configuration on the Agent][2] to enable blocking attackers through the Datadog UI.
- One of the following roles in your GCP project:
- `owner`
- `editor`
- both of the following Compute Engine IAM roles: `compute.instanceAdmin.v1` (to create instances) and `compute.networkAdmin` (to set up load balancing)
- A GCP project with a Cloud Load Balancer configured for your services. The Cloud Load Balancer must be one of the [Application Load Balancers that supports Traffic Callouts][3].
- Enabled the Compute Engine API and Network Services API:


To integrate a Service Extension with ASM, do the following:
To set up the ASM Service Extension in your GCP environment, follow the instructions by either using the Google Cloud Console or Terraform scripts.
Contributor


Suggested change
To set up the ASM Service Extension in your GCP environment, follow the instructions by either using the Google Cloud Console or Terraform scripts.
To set up the ASM Service Extension in your GCP environment, use the Google Cloud Console or Terraform scripts and complete the following steps.


1. **Create a new VM Compute instance** using the Datadog Service Extensions Docker image. The image is available on the [Datadog Go tracer GitHub Registry][6].
**Note**: Google Cloud provides guides to create [a callout backend service][4]
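Review bot: step 1 points readers at the image on the Datadog Go tracer GitHub Registry but does not say which image tag to deploy; suggest naming the versioned tag the docs are written against and noting that the image can be pinned by digest, so that an extension VM created later does not silently pick up a different build and upgrades of the extension stay deliberate.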
Contributor


@e-n-0 I'm a little confused about the purpose and placement note. Can you clarify the motivation/goal of this line and why it's relevant to users here? It's not clear whether users need to reference these as prerequisites for the setup steps, or if they're just included for additional context. Wondering if this might be better framed or moved depending on its relevance to the instructions below.

|----------------------------------------|---------------|-----------------------------------------------------------------------|
| `DD_AGENT_HOST` | `localhost` | Hostname where your Datadog Agent is running. |
| `DD_TRACE_AGENT_PORT` | `8126` | Port of the Datadog Agent for trace collection. |
To integrate a Service Extension with ASM using the Google Cloud Console, complete the following steps:
Contributor


We already have an intro line to this effect above the start of the tabs, so this is redundant.

Suggested change
To integrate a Service Extension with ASM using the Google Cloud Console, complete the following steps:


2. **Add the VM to an unmanaged instance group.**
1. **Create a VM Compute instance** using the Datadog ASM Service Extensions Docker image. The image is available on the [Datadog Go tracer GitHub Registry][1].
Contributor


We typically don't bold step titles like this. I think the numbering should be enough of a visual aid for users!

Suggested change
1. **Create a VM Compute instance** using the Datadog ASM Service Extensions Docker image. The image is available on the [Datadog Go tracer GitHub Registry][1].
1. Create a VM Compute instance using the [Datadog ASM Service Extensions Docker image][1].

mkdir gcp-asm-service-extension && cd gcp-asm-service-extension
touch main.tf variables.tf
```

Contributor


Let's add small lead-in phrases to describe what these files are.

}
}
```

Contributor


Same here - some small phrase to lead into the block of text to help orient the user.

This will be easier to parse than trying to make sense of three large, consecutive blocks of code.

Comment on lines +404 to +405
##### Module configuration
Insert into your terraform project the module created in the previous step.
Contributor


Suggested change
##### Module configuration
Insert into your terraform project the module created in the previous step.
##### 2. Module configuration
Insert into your Terraform project the module created in the previous step.

}
```

#### 2. Initialize and apply the Terraform configuration
Contributor


Suggested change
#### 2. Initialize and apply the Terraform configuration
#### 3. Initialize and apply the Terraform configuration


The service extension automatically inspects all traffic passing through your load balancer for security threats.

{{% appsec-getstarted-2-plusrisk %}}
Contributor


Can we add a header before going into this content? It's a lot of text and it's not clearly distinguishable from the configuration steps above. Is this considered a next step under "Deployment Steps" or is this a post-deployment piece?

Labels
editorial review Waiting on a more in-depth review

3 participants