feat(graphql-model-transformer): add dsql support for sql lambda

[sundersc]

Description of changes

This PR introduces IAM-based authentication support for DSQL database connections in SQL lambda, enhancing our current authentication capabilities.

The implementation leverages existing SSM parameter to store the connection string, following our existing credential storage strategy for Gen2 brownfield support. Connection strings will follow the format postgres://hostname:port/database, with DSQL hosts identified by the *.dsql.*.on.aws domain pattern.

Authentication will use the default admin user, with database credentials dynamically generated using DsqlSigner helper methods provided by the SDK. This approach provides a flexible and secure method for establishing database connections while maintaining our infrastructure's existing patterns.

Key Changes

• Implement IAM authentication for DSQL databases
• Use existing SSM parameter to read connection string
• Dynamic credential generation
• DSQL host identification via domain pattern

CDK / CloudFormation Parameters Changed

NA

Issue #, if available

NA

Description of how you validated changes

• Manual test

Checklist

• PR description included
• yarn test passes
• E2E test run linked
• Tests are changed or added
• Relevant documentation is changed or added (and PR referenced)
• New AWS SDK calls or CloudFormation actions have been added to relevant test and service IAM policies
• Any CDK or CloudFormation parameter changes are called out explicitly

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.