fix(opensearchservice): OpenSearchAccessPolicy unnecessarily attempts to install latest sdk version

[mrgrain]

This introduced uncertainty into the resource behavior, adds at least 60s to the execution time and will cause deployments in CN regions to fail.

No tests add because the existing tests run with the @aws-cdk/customresources:installLatestAwsSdkDefault feature flag set to the recommended value. This change is merely change the OpenSearchAccessPolicy config for users that don't set the feature flag. We can safely do this, because we control the code for this custom resource and know it works with the provided SDK version.

Related to #27597

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[aws-cdk-automation]

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 6a294b0
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).