feat(terraform): Add lifecycle rules and import blocks for existing resources

Lifecycle Rules:
- Add prevent_destroy = true to all 32+ resources
- Add ignore_changes = [tags] to prevent tag drift from causing recreation
- Add ignore_changes = [tags, user_data, ami, iam_instance_profile] for EC2
- Preserve existing create_before_destroy for security groups and ACM

Import Blocks (orphaned resources):
- Lambda: sacc4-stop-instances
- Lambda: sacc4-start-instances
- EventBridge: sacc4-stop-instances-schedule
- EventBridge: sacc4-start-instances-schedule

Data Sources:
- aws_instances.existing_api (detect EC2 duplicates)
- aws_db_instance.existing (detect RDS duplicates)
- aws_nat_gateways.existing (detect NAT GW duplicates)
- aws_cloudfront_distribution.existing (detect CloudFront duplicates)

Variables:
- db_identifier: for RDS duplicate detection
- cloudfront_distribution_id: for CloudFront duplicate detection

Validation Results:
- terraform validate: PASSED
- terraform plan: 0 to add, 1 to change, 0 to destroy
- No resources marked for recreation

Orphan EIP detected:
- eipalloc-0bdf9c47a80885c7a (78.13.177.201) unattached
- Requires manual cleanup or investigation

Refs: AWS Resource Validation - May 2026

terraform/variables.tf

@@ -125,6 +125,12 @@ variable "db_password" {
   sensitive   = true
 }
 
+variable "db_identifier" {
+  description = "Identificador de la instancia RDS para verificar existencia (dejar vacío para nueva creación)"
+  type        = string
+  default     = ""
+}
+
 variable "db_allocated_storage" {
   description = "Almacenamiento asignado a RDS en GB"
   type        = number
@@ -152,3 +158,9 @@ variable "cloudfront_price_class" {
   type        = string
   default     = "PriceClass_100"
 }
+
+variable "cloudfront_distribution_id" {
+  description = "ID de la distribución CloudFront existente (dejar vacío para nueva creación)"
+  type        = string
+  default     = ""
+}