AWS Rule Changes

What does this MR do?

This MR contains the following changes:

  1. Introduces AWS Bedrock Short-lived Key

  2. Introduces coverage for multiple Access Key ID variants for different scenarios. Read more details in this comment, here's the excerpt:

    While AKIA is the common prefix when defining Access Key ID which indicates Long-term Access Key, the prefix for Access Key ID changes based on certain scenarios:

    • It would have an ASIA prefix when AWS STS creates temporary credentials to access resources. We already support this one.
    • It would have an ABIA prefix when AWS creates Service Bearer Tokens. This is an alternate method to request signing for authenticating API requests.
    • It would also have an A3T prefix in certain scenarios, which seems official but is undocumented.
    • While all these scenarios have different prefixes, they are all still Access Key IDs sharing the same Access Secret Key and Session Token format.
  3. Since there is no dedicated "AWS STS Key" but rather a change in the prefix of the Access Key ID, it still comes under the AWS Access Key ID rule. So, I've removed the support for the AWSSTSKey rule.

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab/-/issues/334427+

Does this MR meet the acceptance criteria?
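
A small scanner for the Access Key ID prefix variants listed in the description, added here as an illustration; it is not the rule from this MR or GitLab's own pattern. The 20-character total length, the base32 body and the extra character after A3T are assumptions not stated in the MR, and the sample lines are constructed.

```python
import re

# Prefix meanings as given in the MR description.
PREFIX_KINDS = {
    "AKIA": "long-term access key",
    "ASIA": "temporary credentials (AWS STS)",
    "ABIA": "service bearer token",
    "A3T": "undocumented variant",
}

# Assumptions (not from the MR): 20 characters in total, an upper-case
# base32 body, and one [A-Z0-9] character completing the A3T prefix.
# Lookarounds are used instead of \b so that "KEY_AKIA..." still matches
# while a longer alphanumeric token that merely contains an ID does not.
ACCESS_KEY_ID = re.compile(
    r"(?<![A-Za-z0-9])(A3T[A-Z0-9]|AKIA|ASIA|ABIA)[A-Z2-7]{16}(?![A-Za-z0-9])"
)

def find_access_key_ids(text):
    """Return (line_no, redacted_id, kind) for each candidate Access Key ID."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in ACCESS_KEY_ID.finditer(line):
            prefix = m.group(1)
            kind = PREFIX_KINDS["A3T" if prefix.startswith("A3T") else prefix]
            key_id = m.group(0)
            # Redact the middle so the finding itself does not leak the ID.
            redacted = key_id[:4] + "*" * 12 + key_id[-4:]
            findings.append((line_no, redacted, kind))
    return findings

# Constructed sample input; the key bodies reuse AWS's documentation placeholder.
SAMPLE = """\
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
export AWS_ACCESS_KEY_ID=ASIAIOSFODNN7EXAMPLE
bearer_id: "ABIAIOSFODNN7EXAMPLE"
legacy=A3TXIOSFODNN7EXAMPLE
not_a_key = AKIAIOSFODNN7EXAMPLEEXTRA
build_id = akiaiosfodnn7example
"""

if __name__ == "__main__":
    for line_no, redacted, kind in find_access_key_ids(SAMPLE):
        print(f"line {line_no}: {redacted} ({kind})")
```

Because every variant is reported under one rule with the prefix as a label, an ASIA match needs no separate STS rule, which mirrors the consolidation the description explains.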
