Add external account on ECS support.

[alu]

The URL to obtain credential in ECS is different from EC2.
Therefore, support has been added.

https://docs.aws.amazon.com/sdkref/latest/guide/feature-container-credentials.html

[i10416]

Hello, I accidentally found this PR while exploring the design to implement AWS external account subject token for gcloud-sdk-rs(see abdolence/gcloud-sdk-rs#172), which is another google cloud sdk crate.

I found the official AWS SDK provides the abstraction over credentials lookup mechanism named DefaultCredentialsChain.

It covers

1. Environment variables: [EnvironmentVariableCredentialsProvider]
2. Shared config (~/.aws/config, ~/.aws/credentials): SharedConfigCredentialsProvider
3. Web Identity Tokens
4. ECS (IAM Roles for Tasks) & General HTTP credentials: ecs
5. EC2 IMDSv2

Unless maintainers and you intentionally re-invent the wheel to avoid additional dependencies, I recommend using DefaultCredentialsChain in order to reduce maintenance burden and potential bugs.

https://github.com/awslabs/aws-sdk-rust/blob/a970bb68a57b8d44d2737b18897b95eaa49f7dd8/sdk/aws-config/src/default_provider/credentials.rs#L25

[yoshidan]

@i10416
Thank you for your suggestion. I will consider using aws-sdk-rust as I do not wish to reinvent the wheel.

@alu
Thank you for your contribution.
This crate is based on google-cloud-go. The original aws-provider.go in google-cloud-go doesn't have ECS support directly.
https://github.com/googleapis/google-cloud-go/blob/d8bc98307985b6db284e75e85ec5c7af87748c81/auth/credentials/internal/externalaccount/aws_provider.go#L247

Instead of including a specific ECS support implementation (e.g. 169.254.170.2) in this crate,
We would like to receive and execute the SecurityCredentialsProvider trait in the same way as the go implementation.
Then you should be able to use aws-sdk-rust.

[alu]

@yoshidan So what should I do? Is there anything I can do to help?