Pick SageMaker IAM credentials to use for code completion

[ahusseinali]

Problem

SageMaker IAM are not automatically picked up from node environment for Amazon Q Code Completion. However, this feature is supported in AWS-Toolkit and was working fine for code completion before Amazon Q codebase split from aws-toolkit logic

Solution

• Bring the IAM credential provider to Amazon Q extension activation
• The scope is narrowed down to Sagemaker environment for safety and since it's an existing feature, no extra tests need to be added

---

License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

[github-actions]

This pull request modifies code in src/ but no tests were added/updated. Confirm whether tests should be added or ensure the PR description explains why tests are not required.

[justinmk3]

Thanks for including a changelog. Please review the changelog guidelines.

[ahusseinali]

Does it need further refinement? I can take your proposal on that. How much context should be stated in it?

[justinmk3]

The scope is narrowed down to Sagemaker environment for safety and since it's an existing feature,

Please evaluate (based on the usages in the code) whether it makes sense to enable in general. That's part of the work here.

[ahusseinali]

Please evaluate (based on the usages in the code) whether it makes sense to enable in general. That's part of the work here.

I initially had it with a wider scope, but I believe it's risky as the logic has implied assumption that the code is loaded in a container environment with IAM permissions passed to that environment. It's hard to reason about whether it should be enabled in general unless we provide Chat support as well for IAM (which is WIP)

[ahusseinali]

Closing this change as it was merged as part of a different change