Currently, credential management is entirely server-side, requiring server administrators to configure credentials for all users. This creates several issues:

• Does not allow to dynamically switch between different AWS accounts or GCS projects
• Does not provide per-session credential isolation
• Server dependency: All credential changes require server administrator intervention
• Shared credentials: All users must share the same server-configured credentials
• Limited flexibility: Applications cannot dynamically manage their own credentials

Adding PostgreSQL session variables for credential resolution would enable client-side credential management. similar to what is supported aws_s3 and pg_duckdb.