I have created a workload identity federation pool in Google Merchant. When adding a provider for AWS, it provides default provider attributes, as pictured below. I am unsure on what values need to be updated and what information must be pulled from AWS. For example, do I need to create a new AWS IAM role attached to my lambda function. The docs provided by Google does not clarify this: https://cloud.google.com/iam/docs/workload-identity-federation#mapping
