Most credentials in a CasC-configured Jenkins can be looked up through the CredentialsProvider API, but a handful of them cannot. These can only be supplied directly (hardcoding in the CasC YAML) or through CasC's lower-level SecretSource API.

Implement the SecretSource API in this provider, to close the gap.

Note: This feature is the counterpart to the configuration-as-code-secret-ssm-plugin, which does this with Parameter Store as the backend.