aws: adds support for dynamically configurable credential

[mathetake]

Commit Message: aws: adds support for dynamically configurable credential
Additional Description:
This adds a new API for AWS Signing filter that allows control planes to
configure the credentials providers to sign requests.

Note that the similar configuration had already been added for AWS Lambda filter,
and this adds the similar but more generic configuration API for credential in the common
configuration. In the future, the lambda filter can also leverage this new common
configuration.

Closes #36109

Risk Level: low
Testing: unit
Docs Changes: done
Release Notes: TODO after API approval
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]

[repokitteh-read-only]

As a reminder, PRs marked as draft will not be automatically assigned reviewers,
or be handled by maintainer-oncall triage.

Please mark your PR as ready when you want it to be reviewed!

🐱

Caused by: #36217 was opened by mathetake.

see: more, trace.

[repokitteh-read-only]

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/).
envoyproxy/api-shepherds assignee is @wbpcode
CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).

🐱

Caused by: #36217 was opened by mathetake.

see: more, trace.

[mathetake]

@suniltheta @nbaws could you take a look and check if the direction looks good? thanks!

[nbaws]

@mathetake ack - will provide feedback shortly

[nbaws]

@mathetake I am ok with this design - I assume the behaviour is for this xds configuration to take precedence over the default handling?

This may also be something that rolls up capability from #34121 in future? Though I haven't looked hard at how the xds configuration ends up looking.

Can you look to update https://github.com/envoyproxy/envoy/blob/main/docs/root/configuration/http/http_filters/_include/aws_credentials.rst as. part of this PR

[mathetake]

@nbaws thanks for the look - will get back to this PR and continue working by the end of this week

[mathetake]

This may also be something that rolls up capability from #34121 in future? Though I haven't looked hard at how the xds configuration ends up looking.

Oh yeah I think the API here could be used to generalize and obviate the explicit config in #34121

[mathetake]

@nbaws just marked the PR as ready for review now - PTAL

[alyssawilk]

@wbpcode looks like this is ready for a pass?