Address #3804 

High level implementation details:
1. Add new RUN flag behind a feature flag that expects multiple
key/values (some are mandatory).
2. Parse and pass the keys to the converter, pass the key values as
additional params to the aws secrets IDs
3. Modify the aws credentials provider (which was used so far to fetch
credentials from local env) to try to get the credentials with oidc:
1. If the oidc key/values are present in the secret - try to call the
cloud to get the credentials, otherwise fallback to local envs.
2. If oidc, use cache/locks to overcome the fact that secrets are
fetched one by one but AWS creds are a group of secrets.