Update cdk-nag github actions to v4, add OIDC role (#758)

### Feature or Bugfix
- Bugfix

### Detail
- add OIDC role for CDK-nag actions
- upgrade cdk-nag actions to latest version (V2 deprecated soon)

### Relates

### Security
Please answer the questions below briefly where applicable, or write
`N/A`. Based on
[OWASP 10](https://owasp.org/Top10/en/).

- Does this PR introduce or modify any input fields or queries - this
includes
fetching data from storage outside the application (e.g. a database, an
S3 bucket)?
  - Is the input sanitized?
- What precautions are you taking before deserializing the data you
consume?
  - Is injection prevented by parametrizing queries?
  - Have you ensured no `eval` or similar functions are used?
- Does this PR introduce any functionality or component that requires
authorization?
- How have you ensured it respects the existing AuthN/AuthZ mechanisms?
  - Are you logging failed auth attempts?
- Are you using or adding any cryptographic features?
  - Do you use a standard proven implementations?
  - Are the used keys controlled by the customer? Where are they stored?
- Are you introducing any new policies/roles/users?
  - Have you used the least-privilege principle? How?


By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

.github/workflows/cdk-nag.yml

@@ -29,9 +29,9 @@ jobs:
       - name: Git clone
         uses: actions/checkout@v3
       - name: configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
-          role-to-assume: arn:aws:iam::020286015001:role/aws-dataall-github-actions
+          role-to-assume: arn:aws:iam::109658928441:role/aws-dataall-github-actions
           role-session-name: dataall-gh-act
           aws-region: ${{ env.AWS_DEFAULT_REGION }}
       - name: Set up Node.js