Look into SQS policies to allow anonymous access to broker and client queues
@trinity-1686a pointed out in #40337 (closed) that SQS policies appear to support anonymous access. Setting this up involves a few steps and we'll need to try it out to make sure it works. It's possible the SQS client API library we're using won't allow us to skip the authentication step as well. The steps are:
- Set an SQS policy to allow anonymous access to the static broker queue. Something like:
```json
{
  "Version": "2012-10-17",
  "Id": "BrokerQueue_Policy_UUID",
  "Statement": [{
    "Sid": "Queue1_AnonymousAccess_SendMessage",
    "Effect": "Allow",
    "Principal": "*",
    "Action": "sqs:SendMessage",
    "Resource": "arn:aws:sqs:*:[accessid]:snowflake-broker"
  }]
}
```
- Modify the broker to set permissions on newly created client queues. Something like:
```go
// Assumes aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2/service/sqs), where
// CreateQueueOutput.QueueUrl is already a *string, so it is passed through
// rather than wrapped in aws.String. AddPermission action names carry no
// "sqs:" prefix.
perm := &sqs.AddPermissionInput{
	AWSAccountIds: []string{"*"},
	Actions:       []string{"ReceiveMessage"},
	Label:         aws.String("Anonymous_Receive_" + *clientID),
	QueueUrl:      res.QueueUrl,
}
```
I'm not 100% sure this is correct, but it seems worth trying if it helps us avoid having to share AWS credentials.
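The two steps above, worked through as an added example that is not code from this issue or from the Snowflake project. It assumes the broker attaches the anonymous grant as a full policy document through the `Policy` queue attribute (what `SetQueueAttributes` takes, and what `AddPermission` generates under the hood) rather than through `AddPermission` itself; the region, account id, and the `snowflake-client-example` queue name are constructed placeholders. Besides building the broker-queue (SendMessage) and client-queue (ReceiveMessage) policies, it includes the check one would run on what `GetQueueAttributes` returns before trusting that a queue exposes nothing more than the intended action to the world: it rejects wildcard ARNs, extra actions, and anything that is not a plain Allow to the anonymous principal.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Subset of the SQS queue-policy grammar; Principal and Action stay raw because
// a hand-written policy may write them as a bare string or as an object/list.
type policyDoc struct {
	Version   string       `json:"Version"`
	Statement []policyStmt `json:"Statement"`
}

type policyStmt struct {
	Sid       string          `json:"Sid"`
	Effect    string          `json:"Effect"`
	Principal json.RawMessage `json:"Principal"`
	Action    json.RawMessage `json:"Action"`
	Resource  string          `json:"Resource"`
}

// sqsAction adds the "sqs:" prefix a policy document needs (AddPermission takes
// the bare names and writes them back as "SQS:SendMessage"; IAM ignores case).
func sqsAction(a string) string {
	if len(a) >= 4 && strings.EqualFold(a[:4], "sqs:") {
		a = a[4:]
	}
	return "sqs:" + a
}

// decode parses one raw policy field; invalid or missing JSON yields nil.
func decode(raw json.RawMessage) (v interface{}) {
	_ = json.Unmarshal(raw, &v)
	return v
}

// AnonymousQueuePolicy returns the document to set as the "Policy" queue
// attribute so unauthenticated callers may perform exactly the given actions on
// queueARN. Wildcard ARNs are refused so a typo cannot open every queue.
func AnonymousQueuePolicy(sid, queueARN string, actions ...string) (string, error) {
	if !strings.HasPrefix(queueARN, "arn:aws:sqs:") || strings.Contains(queueARN, "*") {
		return "", fmt.Errorf("refusing to build a policy for non-exact queue ARN %q", queueARN)
	}
	acts := make([]string, len(actions))
	for i := range actions {
		acts[i] = sqsAction(actions[i])
	}
	actsJSON, _ := json.Marshal(acts) // a []string always marshals
	b, err := json.Marshal(policyDoc{Version: "2012-10-17", Statement: []policyStmt{{
		Sid: sid, Effect: "Allow", Resource: queueARN, Action: actsJSON,
		Principal: json.RawMessage(`"*"`), // anonymous: no AWS credentials needed
	}}})
	return string(b), err
}

// CheckAnonymousPolicy parses a policy (e.g. one read back with GetQueueAttributes)
// and confirms every statement is a plain Allow to the anonymous principal for only
// the allowed actions on exactly queueARN; a wildcard region or account, a stray
// action such as sqs:DeleteQueue, or a Deny statement all fail the check.
func CheckAnonymousPolicy(doc, queueARN string, allowed ...string) error {
	var p policyDoc
	if err := json.Unmarshal([]byte(doc), &p); err != nil {
		return fmt.Errorf("policy is not valid JSON: %w", err)
	}
	ok := map[string]bool{}
	for _, a := range allowed {
		ok[strings.ToLower(sqsAction(a))] = true
	}
	for _, s := range p.Statement {
		principal := decode(s.Principal)
		if m, isObj := principal.(map[string]interface{}); isObj {
			principal = m["AWS"] // {"AWS": "*"} is the other spelling of anonymous
		}
		acts, _ := decode(s.Action).([]interface{})
		if single, isStr := decode(s.Action).(string); isStr {
			acts = []interface{}{single} // "Action": "sqs:SendMessage" alone is also legal
		}
		if s.Effect != "Allow" || principal != "*" || acts == nil {
			return fmt.Errorf("statement %q: not a plain Allow of an action list to principal \"*\"", s.Sid)
		}
		if s.Resource != queueARN {
			return fmt.Errorf("statement %q: resource %q is not exactly %q", s.Sid, s.Resource, queueARN)
		}
		for _, a := range acts {
			if str, _ := a.(string); !ok[strings.ToLower(sqsAction(str))] {
				return fmt.Errorf("statement %q: action %v is not in the allowed set", s.Sid, a)
			}
		}
	}
	return nil
}

func main() {
	broker := "arn:aws:sqs:us-east-1:123456789012:snowflake-broker" // constructed sample ARN
	client := strings.Replace(broker, "snowflake-broker", "snowflake-client-example", 1) // assumed name
	bp, _ := AnonymousQueuePolicy("Broker_AnonymousSend", broker, "SendMessage")
	cp, _ := AnonymousQueuePolicy("Client_AnonymousReceive", client, "ReceiveMessage")
	fmt.Println(bp+"\n"+cp, "\ncheck:", CheckAnonymousPolicy(bp, broker, "SendMessage"))
}
```

The checker deliberately treats the region-wildcard `arn:aws:sqs:*:...` form from the draft policy above as a failure when compared against the real queue ARN, and it accepts both `"Principal": "*"` and `"Principal": {"AWS": "*"}` as well as single-string or list `Action` fields, so it can be run unchanged on a hand-written document or on what AWS hands back after an `AddPermission` call.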