What is the bug?

In my organization, we recently moved from a single account to a multi account AWS organization.

Before I had my ~/.aws/credentials file as such:

[default]
aws_access_key_id = *********************
aws_secret_access_key = *********************************

With this setup, I could run gdalinfo to a file on s3 simply running:

gdalinfo /vsis3/bucket/path/to/file.tif

Now, in place of the credentials file, I have the ~/.aws/config file as such:

[sso-session my-sso]
sso_start_url = https://mysso.awsapps.com/start/
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
[default]
region = eu-central-1
sso_session = my-sso
sso_account_id = 123456789012
sso_role_name = AdministratorAccess
[profile AdministratorAccess-123456789012]
sso_session = my-sso
sso_account_id = 123456789012
sso_role_name = AdministratorAccess
region = eu-central-1

This way, a normal aws s3 ls command works and lists my buckets, but gdalinfo fails with the error:

ERROR 15: AWS_SECRET_ACCESS_KEY and AWS_NO_SIGN_REQUEST configuration options not defined, and /home/myuser/.aws/credentials not filled
gdalinfo failed - unable to open '/vsis3/bucket/path/to/file.tif

I would expect GDAL to pick up the default profile and use it to authenticate against AWS.
I opened the issue since I did not find any information on this.

Steps to reproduce the issue

To reproduce, you need to:

• have access to an AWS Single-Sign On instance (AWS IAM Identity Center) with at least one account attached
• have GDAL installed (i have version 3.9.3)
• run aws configure sso and follow the steps to configure the sso authentication
• add a [default] entry manually in the ~/.aws/config file
• DO NOT have a ~/.aws/credentials file
• run gdalinfo against a tiff file on a s3 bucket within the organization

Versions and provenance

Self-built GDAL running in Ubuntu-22.04 WSL under Windows 11.
Output of gdalinfo --version:
GDAL 3.9.3, released 2024/10/07 (debug build)

Additional context

No response