ComputeSecurityPolicy: Missing Regional scope option

[ap0phi5]

Checklist

• I did not find a related open enhancement request.
• I understand that enhancement requests filed in the GitHub repository are by default low priority.
• If this request is time-sensitive, I have submitted a corresponding issue with GCP support.

Describe the feature or resource

There seems currently no way to scope a Cloud Armor policy to regional (from global) using KCC.

I believe Terraform have gone down the route of having a separate resource-type for Regional Security Policy, however there is no equivalent here.
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_region_security_policy

This creates the security-policy in global scope:

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSecurityPolicy
metadata:
  name: allow-all
spec:
  description: A permissive policy to allow all traffic
  rule:
  - description: Rule matching all IPs with priority 2147483647, set to allow.
    action: allow
    priority: 2147483647
    match:
      versionedExpr: SRC_IPS_V1
      config:
        srcIpRanges:
        - "*"

The following app will not bind to the allow-all policy if my-app is a regional service:

apiVersion: networking.gke.io/v1
kind: GCPBackendPolicy
metadata:
  name: my-app-backend-policy
spec:
  default:
    securityPolicy: allow-all
  targetRef:
    group: ""
    kind: Service
    name: my-app