feat: Move away from delegated admininstrator

[flochaz]

Problem statement

Current implementation rely on making stages account being delegated administrator of the Root account to be able to get the needed info to create the proper pipeline or proper dns setup. This limit the number of account that can be used for DNS due to the limited number of delegatedAdministrator account allowed (4 from the experiment).

Potential solution

Moving to SSM would enable to go around this limitation. This means changing:

Delegation registration to SSM ssm.putParameter:

• https://github.com/awslabs/aws-bootstrap-kit/blob/74aa16188776eb695358cf40e7519387650b72dc/source/aws-bootstrap-kit/lib/account.ts#L186
• https://github.com/awslabs/aws-bootstrap-kit/blob/74aa16188776eb695358cf40e7519387650b72dc/source/aws-bootstrap-kit/lib/account.ts#L191

org.listAccounts and org.listTagsForResource to ssm.getParameter:

• https://github.com/awslabs/aws-bootstrap-kit/blob/74aa16188776eb695358cf40e7519387650b72dc/source/aws-bootstrap-kit/lib/dns/delegation-record-handler/index.ts#L218
• https://github.com/aws-samples/aws-bootstrap-kit-examples/blob/main/source/3-landing-page-cicd/cdk/lib/cicd-stack.ts#L66
• https://github.com/aws-samples/aws-bootstrap-kit-examples/blob/main/source/3-landing-page-cicd/cdk/lib/cicd-stack.ts#L71

[ntippie]

This will also solve two possible issues I've encountered:

aws-bootstrap-kit dependency on context domain_name (sole context reference in package)

• https://github.com/awslabs/aws-bootstrap-kit/blob/c80f140345ff69ef9f8d5e475316ddbc88f01fc1/source/aws-bootstrap-kit/lib/account.ts#L189

Incorrect root account may be resolved for DNS if other invited accounts are within the organization

• https://github.com/awslabs/aws-bootstrap-kit/blob/c80f140345ff69ef9f8d5e475316ddbc88f01fc1/source/aws-bootstrap-kit/lib/dns/delegation-record-handler/index.ts#L225-L226