[v18] Add tsh aws-profile to Generate AWS Profiles from AWS Identity Center Integration

[tele-lion]

Backport of the following PRs to branch/v18:

• Add tsh aws-profile to Generate AWS Profiles from AWS Identity Center Integration #63032
• Add AWS Account Name and SSO Region Label Constants #64397

Manual Test Plan

Test Environment

Test Cases

• test

changelog: Added a new tsh aws-profile command that detects your AWS Identity Center integration (if configured) and writes corresponding AWS profiles into your local AWS config file for later use

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: aa51b0cb30

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Make generated AWS profile names globally unique

The profile name is derived only from accountName and permission set (formatAWSProfileName(accountName, ps.Name)), so two Identity Center accounts from different sessions/integrations that share the same account label and role (for example, both have dev + Admin) produce the same [profile ...] section name. WriteSSOConfig then reuses that section and the later app silently overwrites sso_session/sso_account_id, leaving only one working profile and potentially pointing users at the wrong account.

Useful? React with 👍 / 👎.