Fix E2E tests.

* Disable tests for VPC connector and Cloud Functions, CFs are not
  supporrted in the default region
* fix permissions to secrets for Cloud Run
* add permissions admin permissions to any SA within project to
  `var.bucket`
* add permissions to access the secret to any SA within project to
  secrets created by fixture
* disable custom roles in E2E tests, as `var.organization_id` is not the
  same org, within which projects are created in E2E

tests/fixtures/secret-credentials.tf

@@ -23,6 +23,7 @@ module "secret-manager" {
         "roles/secretmanager.secretAccessor" = [
           "serviceAccount:${var.project_number}-compute@developer.gserviceaccount.com",
           "serviceAccount:${var.project_id}@appspot.gserviceaccount.com",
+          "principalSet://cloudresourcemanager.googleapis.com/projects/${var.project_number}/type/ServiceAccount",
         ]
       }
       versions = {