Rescope AWS ARN from secret to var (#1598)

The name of the role isn't a `secret`, so storing at such means it's
masked logs etc which makes debugging difficult. More specifically,
authentication is handled via
[OIDC](https://docs.github.com/en/actions/how-tos/secure-your-work/security-harden-deployments/oidc-in-aws),
on it's own the role does nothing.

Instead, it should be rescoped as a `var`.

Author: JackPGreen

.github/workflows/coverage_runner.yml

@@ -76,7 +76,7 @@ jobs:
           - name: Configure AWS Credentials
             uses: aws-actions/configure-aws-credentials@v5
             with:
-                role-to-assume: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
+                role-to-assume: ${{ vars.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
                 aws-region: 'us-east-1'
 
           - name: Get Secrets

.github/workflows/nightly_runner_master.yml

@@ -42,7 +42,7 @@ jobs:
             - name: Configure AWS Credentials
               uses: aws-actions/configure-aws-credentials@v5
               with:
-                  role-to-assume: ${{ secrets.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
+                  role-to-assume: ${{ vars.AWS_HAZELCAST_OIDC_GITHUB_ACTIONS_ROLE_ARN }}
                   aws-region: 'us-east-1'
 
             - name: Get Secrets