AWS IC CLI setup don't support saml_idp_service_provider_name flag name

[smallinsky]

What

Add ability to set saml_idp_service_provider_name in the tctl CLI flow.

Desc

In #58070, the hybrid mode behavior was updated so that it no longer modifies upstream user attributes. In hybrid mode Teleport does not provision users back to AWS Identity Center and instead works in an adaptation-only mode, importing data from AWS Identity Center into Teleport.

This behavior is currently determined by the absence of saml_idp_service_provider_name in the plugin configuration:
lib/provisioning/users.go#L219

At the moment, the CLI does not provide first-class support for configuring the native mode. As a result, the setup requires two steps:

1. Install the plugin:

   tctl plugins install awsic

2. Update the plugin configuration manually:

         $ tctl edit plugins/aws-identity-center
         
         # add or edit this to match your SAML Service Provider name
         saml_idp_service_provider_name: aws-identity-center-sso
         ```
   
   
   

TODO:

• Add native AWS Identity Center setup support to the CLI so that tctl edit plugins is no longer required
• Update docs