feat(docdb): add managed password support

[mazyu36]

Issue # (if applicable)

Closes #.

Reason for this change

This change adds support for AWS Secrets Manager managed passwords in DocumentDB clusters.
This feature provides enhanced security by allowing AWS DocumentDB to automatically generate, manage, and rotate master user passwords using AWS Secrets Manager, eliminating the need for manual password management.

Description of changes

• manageMasterUserPassword: boolean - Enables AWS Secrets Manager to manage the master user password
• masterUserSecretKmsKey: kms.IKey - Specifies a custom KMS key to encrypt the managed secret
• rotateMasterUserPassword: boolean - Triggers immediate password rotation for managed secrets

Describe any new or updated permissions being added

Description of how you validated changes

Add unit tests and an integ test.

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[github-actions]

⚠️ Experimental Feature: This security report is currently in experimental phase. Results may include false positives and the rules are being actively refined.
Please try merge from main to avoid findings unrelated to the PR.

---

	Tests	Passed ✅	Skipped	Failed
Security Guardian Results	48 ran	48 passed

Test	Result
No test annotations available

• View Security Guardian Results

[github-actions]

⚠️ Experimental Feature: This security report is currently in experimental phase. Results may include false positives and the rules are being actively refined.
Please try merge from main to avoid findings unrelated to the PR.

---

	Tests	Passed ✅	Skipped	Failed
Security Guardian Results with resolved templates	48 ran	48 passed

Test	Result
No test annotations available

• View Security Guardian Results with resolved templates