pulumi-aws: pulumi-aws 5.7.0 seems unable to validate AWS credentials for AWS Profile only

What happened?

Updating to pulumi-aws 5.7.0 caused stack to be unable to find the access key/secret key for aws. These keys are working via AWS cli and work on pulumi-aws 5.6.0 (downgrading fixes the issue).

Steps to reproduce

$ export AWS_PROFILE=PROFILENAME $ pulumi preview --diff Results in: error: unable to validate AWS AccessKeyID and/or SecretAccessKey - see https://pulumi.io/install/aws.html for details on configuration

Expected Behavior

Validating aws credentials based on AWS_PROFILE

Actual Behavior

It does seem to find the credentials, when run with --debug I see this:

  pulumi:pulumi:Stack (aws-test):
    debug: AWS Auth provider used: "SharedCredentialsProvider"
    debug: Retrieved credentials from "SharedConfigCredentials: /Users/nnewton/.aws/credentials"
    debug: Trying to get account information via iam:GetUser
    debug: [aws-sdk-go-v2] Request
    debug: POST / HTTP/1.1
    debug: Host: iam.amazonaws.com
    debug: User-Agent: APN/1.0 Pulumi/1.0 Pulumi/1.0 Pulumi-Aws/0.11+compatible (+https://www.pulumi.com) aws-sdk-go-v2/1.16.2 os/macos lang/go/1.17.9 md/GOOS/darwin md/GOARCH/arm64 api/iam/1.18.0
    debug: Content-Length: 33
    debug: Amz-Sdk-Invocation-Id: ec89da52-f37b-4985-9dd8-e6d533763942
    debug: Amz-Sdk-Request: attempt=1; max=25
    debug: Content-Type: application/x-www-form-urlencoded
    debug: X-Amz-Date: 20220606T224320Z
    debug: Accept-Encoding: gzip
    debug:
    debug: Action=GetUser&Version=2010-05-08
    debug: [aws-sdk-go-v2] Response
    debug: HTTP/1.1 200
    debug: Content-Length: 527
    debug: Content-Type: text/xml
    debug: Date: Mon, 06 Jun 2022 22:43:20 GMT
    debug: X-Amzn-Requestid: 906e4294-f0bc-40a9-9aa7-e66dc4dc6fdc
    debug:
    debug: <GetUserResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
    debug:   <GetUserResult>
    debug:     <User>
    debug:       <Path>/</Path>
    debug:       <PasswordLastUsed>2022-06-02T17:40:27Z</PasswordLastUsed>
    debug:       <Arn>arn:aws:iam::SNIP:user/nnewton</Arn>
    debug:       <UserName>nnewton</UserName>
    debug:       <UserId>SNIP</UserId>
    debug:       <CreateDate>2015-10-29T20:18:09Z</CreateDate>
    debug:     </User>
    debug:   </GetUserResult>
    debug:   <ResponseMetadata>
    debug:     <RequestId>906e4294-f0bc-40a9-9aa7-e66dc4dc6fdc</RequestId>
    debug:   </ResponseMetadata>
    debug: </GetUserResponse>```

So it does seem to pull credentials and validate a user. However it still fails out with:
```  pulumi:pulumi:Stack: (same)
    [urn=urn:pulumi:test::aws::pulumi:pulumi:Stack::aws-test]
    ~ pulumi:providers:aws: (update)
        [id=7659c1a4-9b7c-4999-9d3b-64ba59ddcd61]
        [urn=urn:pulumi:test::aws::pulumi:providers:aws::aws-uswest2]
        region                   : "us-west-2"
      ~ skipCredentialsValidation: "true" => "false"
        skipGetEc2Platforms      : "true"
        skipMetadataApiCheck     : "true"
        skipRegionValidation     : "true"
      ~ version                  : "5.4.0" => "5.7.0"
error: unable to validate AWS AccessKeyID and/or SecretAccessKey - see https://pulumi.io/install/aws.html for details on configuration
Resources:
    ~ 1 to update
    4 unchanged

I tried changing skipCredentialsValidation to false and it had no impact, except that line was no longer in the reported diff.

Versions used

CLI Version 3.33.2 Go Version go1.18.2 Go Compiler gc

Plugins NAME VERSION aws 5.6.0 awsx 1.0.0-beta.8 docker 3.2.0 eks 0.40.0 kubernetes 3.19.2 python unknown

Host OS darwin Version 12.4 Arch arm64

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you’ve opened one already).