Support mapRoles configuration

[gp42]

In order to fully manage aws-auth configMap, the operator needs to support role mapping.

Example configuration:

  mapRoles: |
    - rolearn: <aws_role_arn>
      username: <username>  # optional, defaults to AWS Role name
      groups:
        - dev-operator-k8s-admins
        - dev-operator-k8s-users

[autarchprinceps]

Agree, we have never synced a group or user before, but roles is required for every cluster we manage. Direct usage of IAM users is not AWS best practices anyway.