feat: Add configurable AWS credential provider selection

[vlasopoulos]

Summary

• Add credential_provider config option (RDS_IAM_CREDENTIAL_PROVIDER env) to override which AWS credential provider is used for token signing
• Supports: default, environment, ecs, web_identity, instance_profile, sso, ini
• Defaults to default (full SDK chain) — no breaking changes

[Copilot]

Pull request overview

This PR adds a package-level configuration switch to explicitly select which AWS SDK credential provider is used when signing RDS IAM auth tokens, while keeping the existing “default SDK chain” behavior as the default.

Changes:

• Added credential_provider config option (and RDS_IAM_CREDENTIAL_PROVIDER env var) with a fixed set of supported provider names.
• Updated token generation to use the configured credential provider instead of always using the SDK default chain.
• Added tests and documentation/CHANGELOG entries for the new configuration.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
src/RdsAuthTokenProvider.php	Introduces resolveCredentialProvider() and wires it into AuthTokenGenerator creation.
config/rds-iam-auth.php	Adds credential_provider config key backed by RDS_IAM_CREDENTIAL_PROVIDER.
tests/RdsAuthTokenProviderTest.php	Adds coverage for supported provider names and unsupported provider error handling.
README.md	Documents the new config option and env var.
CHANGELOG.md	Notes the new configurable credential provider feature under Unreleased.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[dimoschi]

Looks nice and useful. Thank you @vlasopoulos