RUST-1529 Use AWS SDK to get credentials #1435

Open
wants to merge 24 commits into
base: main

Conversation

@JamieTsai1024 (Collaborator) commented Jul 24, 2025

Replace existing implementation for getting AWS credentials by using the AWS SDK.

Currently, we have 5 places where we search for AWS credentials:

  1. The MongoDB URI
  2. Environment variables
  3. A custom AWS credential provider if the driver supports it
  4. STS AssumeRole or AssumeRoleWithWebIdentity
  5. The ECS or EC2 endpoint

For the sake of testing, the existing implementation was replaced instead of being hidden behind a feature flag.

./.evergreen/run-aws-auth.sh

cd .evergreen/auth_aws
# run this script to reconfigure the type of AWS authentication to use
# copy the block of unset and export commands output by the script and run them in the terminal window you're using to run the driver tests
./aws_setup.sh (regular | env-creds | assume-role | session-creds | web-identity)

cd ~/mongo-rust-driver 
# Run the unset and set export commands printed by `./aws_setup.sh` for environment variables 
cargo nextest run auth_aws --features aws-auth

Work to be done

  • Generate signature using AWS SDK (compute_authorization_header(...))
  • Determine feature flags required
    • May restore deleted implementation from this PR, depending on whether we want to keep the AWS SDK as an optional dependency
    • Will clean up commented out code + notes with "RUST-1529"
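
The five-step chain in the description, as an added example written for this page (it is not code from the driver, this PR, or the AWS SDK, and it uses only the Rust standard library). It covers the two static sources, the MongoDB URI and the environment, in the order listed and collapses the three network-backed steps (custom provider, STS, ECS/EC2 endpoint) into a caller-supplied closure that only runs when both static sources are empty. The names `AwsCredential`, `UriAuth`, `CredentialError` and `resolve_credentials`, and the rule that a half-specified URI or environment pair is an error rather than a silent fall-through, are this example's assumptions, not necessarily the driver's behaviour.

```rust
use std::collections::HashMap;

/// Stand-in for the driver's AwsCredential (assumed shape: the three SigV4 inputs).
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct AwsCredential {
    pub access_key_id: String,
    pub secret_access_key: String,
    pub session_token: Option<String>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum CredentialError {
    /// A username or password was given in the URI without the other half.
    PartialUriCredentials,
    /// Only one of AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY is set.
    PartialEnvCredentials,
    /// Every source in the chain came up empty.
    NoCredentialsFound,
}

/// What the driver has already parsed out of the MongoDB URI (assumed shape):
/// username/password are the access key id / secret key, and the
/// AWS_SESSION_TOKEN authMechanismProperties value is the session token.
#[derive(Default)]
pub struct UriAuth<'a> {
    pub username: Option<&'a str>,
    pub password: Option<&'a str>,
    pub session_token: Option<&'a str>,
}

/// Walk the chain in the order the PR description lists it. Steps 3-5 all
/// involve I/O, so they are represented by `fetch`, which is only invoked when
/// the two static sources yield nothing.
pub fn resolve_credentials(
    uri: &UriAuth<'_>,
    env: &HashMap<String, String>,
    fetch: impl FnOnce() -> Option<AwsCredential>,
) -> Result<AwsCredential, CredentialError> {
    // 1. MongoDB URI. A half-specified pair is an error, not a fall-through:
    //    ignoring it would let a typo in the URI silently switch the process
    //    to whatever credentials happen to be in the environment.
    match (uri.username, uri.password) {
        (Some(id), Some(secret)) => {
            return Ok(AwsCredential {
                access_key_id: id.to_string(),
                secret_access_key: secret.to_string(),
                session_token: uri.session_token.map(String::from),
            })
        }
        (None, None) => {}
        _ => return Err(CredentialError::PartialUriCredentials),
    }

    // 2. Environment variables, with the same all-or-nothing rule
    //    (this example's choice, see the lead-in).
    match (env.get("AWS_ACCESS_KEY_ID"), env.get("AWS_SECRET_ACCESS_KEY")) {
        (Some(id), Some(secret)) => {
            return Ok(AwsCredential {
                access_key_id: id.clone(),
                secret_access_key: secret.clone(),
                session_token: env.get("AWS_SESSION_TOKEN").cloned(),
            })
        }
        (None, None) => {}
        _ => return Err(CredentialError::PartialEnvCredentials),
    }

    // 3-5. Anything that has to be fetched over the network.
    fetch().ok_or(CredentialError::NoCredentialsFound)
}

fn main() {
    // Constructed sample inputs; none of these are real keys.
    let mut env = HashMap::new();
    env.insert("AWS_ACCESS_KEY_ID".to_string(), "AKIAENVEXAMPLE".to_string());
    env.insert("AWS_SECRET_ACCESS_KEY".to_string(), "env-secret".to_string());

    let uri = UriAuth { username: Some("AKIAURIEXAMPLE"), password: Some("uri-secret"), session_token: None };
    let from_uri = resolve_credentials(&uri, &env, || None).unwrap();
    println!("URI wins over env: {}", from_uri.access_key_id);

    let half = UriAuth { username: Some("AKIAURIEXAMPLE"), ..UriAuth::default() };
    println!("half-specified URI: {:?}", resolve_credentials(&half, &env, || None));

    let fetched = resolve_credentials(&UriAuth::default(), &HashMap::new(), || {
        Some(AwsCredential {
            access_key_id: "ASIAFETCHEDEXAMPLE".to_string(),
            secret_access_key: "fetched-secret".to_string(),
            session_token: Some("fetched-token".to_string()),
        })
    });
    println!("fell through to fetch: {:?}", fetched.map(|c| c.access_key_id));
}
```

Passing the environment in as a map rather than reading `std::env` inside the resolver is what makes the precedence rules testable without touching the real process environment, which is also how the `aws_setup.sh` variants above could be exercised in unit tests.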

@JamieTsai1024 JamieTsai1024 marked this pull request as ready for review July 25, 2025 20:45
@JamieTsai1024 JamieTsai1024 requested a review from a team as a code owner July 25, 2025 20:45
@isabelatkinson (Contributor) left a comment

I forgot to mention this regarding the testing commit I provided, but we should leave line 226 (patchable: false) in config.yml commented out while this PR is being worked on. patchable: false stops the tests from running on every commit to a pull request branch; normally we don't need to run the AWS authentication tests that frequently, but since we're making AWS-related changes we should be running the tests on this PR.

let aws_credential = {
// Limit scope of this variable to avoid holding onto the lock for the duration of
// authenticate_stream.
let cached_credential = CACHED_CREDENTIAL.lock().await;
Contributor:

Does the SDK handle credential caching? We should make sure the new implementation still caches credentials as outlined in the spec

Collaborator Author:

Following up on this — as we discussed, the SDK does implement credential caching. I’ve linked the relevant documentation here in case it's helpful for future reference!
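
The caching behaviour discussed in this thread, as an added example for this page (it is neither the driver's CACHED_CREDENTIAL code nor the SDK's credential cache, and it uses only the Rust standard library). It shows the three properties a practitioner would check in whatever cache ends up being used: the lock is released before the credential is used, so it is never held across the authentication round-trip (the point of the scoped `cached_credential` binding quoted above); a credential is treated as expired a little before its real expiry; and an authentication failure invalidates the cache so the next attempt refetches. The type and function names, the `expiry` field, and the rule that only fetched credentials (those with an expiry) are cached are this example's assumptions.

```rust
use std::sync::Mutex;
use std::time::{Duration, Instant};

/// Stand-in for the driver's AwsCredential (assumed shape). `expiry` is None
/// for static URI/env credentials and Some(..) for credentials fetched from
/// STS or the ECS/EC2 endpoint.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct AwsCredential {
    pub access_key_id: String,
    pub secret_access_key: String,
    pub session_token: Option<String>,
    pub expiry: Option<Instant>,
}

/// Process-wide cache playing the role of CACHED_CREDENTIAL.
pub struct CredentialCache {
    inner: Mutex<Option<AwsCredential>>,
}

impl CredentialCache {
    pub const fn new() -> Self {
        Self { inner: Mutex::new(None) }
    }

    /// Clone of the cached credential if it will still be valid `skew` after
    /// `now`. The guard lives only inside this method, so the caller never
    /// holds the lock while it talks to the server.
    pub fn get(&self, now: Instant, skew: Duration) -> Option<AwsCredential> {
        // A poisoned lock only means another thread panicked mid-update; the
        // Option inside is still consistent, so recover the guard.
        let guard = self.inner.lock().unwrap_or_else(|e| e.into_inner());
        match &*guard {
            Some(c) if c.expiry.map_or(true, |exp| now + skew < exp) => Some(c.clone()),
            _ => None,
        }
    }

    /// Only fetched credentials go into the cache. Static ones are cheap to
    /// re-read, and an operator changing the URI or environment should not
    /// have a stale copy outlive the change. Returns whether it was stored.
    pub fn store(&self, cred: &AwsCredential) -> bool {
        if cred.expiry.is_none() {
            return false;
        }
        *self.inner.lock().unwrap_or_else(|e| e.into_inner()) = Some(cred.clone());
        true
    }

    /// Called when the server rejects the credential: drop it so the next
    /// attempt fetches a fresh one instead of retrying a rotated or revoked one.
    pub fn invalidate(&self) {
        *self.inner.lock().unwrap_or_else(|e| e.into_inner()) = None;
    }
}

/// Read-through helper: serve from the cache, otherwise `fetch` and cache.
pub fn credentials_for_auth(
    cache: &CredentialCache,
    now: Instant,
    fetch: impl FnOnce() -> AwsCredential,
) -> AwsCredential {
    if let Some(c) = cache.get(now, Duration::from_secs(60)) {
        return c;
    }
    let fresh = fetch();
    cache.store(&fresh);
    fresh
}

fn main() {
    let cache = CredentialCache::new();
    let t0 = Instant::now();
    // Constructed sample: a temporary credential valid for one hour (not a real key).
    let temp = AwsCredential {
        access_key_id: "ASIAEXAMPLE".to_string(),
        secret_access_key: "example-secret".to_string(),
        session_token: Some("example-token".to_string()),
        expiry: Some(t0 + Duration::from_secs(3600)),
    };
    let first = credentials_for_auth(&cache, t0, || temp.clone());
    println!("fetched: {}", first.access_key_id);
    println!("served from cache 10s later: {}", cache.get(t0 + Duration::from_secs(10), Duration::from_secs(60)).is_some());
    println!("served from cache 30s before expiry: {}", cache.get(t0 + Duration::from_secs(3570), Duration::from_secs(60)).is_some());
    cache.invalidate();
    println!("after auth failure: {}", cache.get(t0, Duration::from_secs(60)).is_some());
}
```

Taking `now` as a parameter instead of calling `Instant::now()` inside the cache is what makes the expiry window testable deterministically.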

@@ -246,6 +297,20 @@ impl AwsCredential {
}
}

fn from_sdk_creds(
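
Review bot: from_sdk_creds(...) is the translation point from aws_credential_types::Credentials into AwsCredential, so make sure the SDK credential's session token and expiry are both carried over rather than dropped: temporary credentials from STS or the ECS/EC2 endpoint are only valid together with their token, and the expiry is what lets the CACHED_CREDENTIAL logic decide when a fetched credential has to be refreshed. A doc comment stating that this function is a transitional shim to be removed together with compute_authorization_header(...) would also help the follow-up PR.
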
Contributor:

Would it be feasible to replace AwsCredential in the code with aws_credential_types::Credentials (i.e. the type returned from provide_credentials)? That could remove some of the type translation we're doing here; it looks like they have very similar fields.

@JamieTsai1024 (Collaborator, Author) Jul 26, 2025

I think it makes sense to keep AwsCredential for now since we’re still using compute_authorization_header(...), which relies on it. Once that method is removed in the next PR, I can look into fully switching over to aws_credential_types::Credentials.

To make the transition easier later, I’ll update this PR to type creds as aws_credential_types::Credentials and then map it into AwsCredential before using compute_authorization_header(...). That should make it easier to remove from_sdk_creds(...) and AwsCredential in the follow-up.

Also, I missed that another file uses AwsCredential::get, so I’ve moved the credential-fetching logic into a public method to support that use case!

2 participants