From my experience with AWS, an ARN (Amazon Resource Name) is simply an identifier used to identify a service within AWS, it's not necessarily anything to do with credentials.
Here's the Amazon page for RDS ARN[
^]
As I understand it, if your DevOps team aren't willing to share credentials they should be looking at creating an
IAM [
^] instead, which is a way for your DevOps team to create a personalised security profile which has limited access to AWS resources. You can read up on
this documentation page[
^] for more information on that.
Personally, I wouldn't see an issue with having access to credentials to access the database so long as the role has only the permissions needed. However some companies can be extremely strict over that sort of thing, so using things like ARN and IAM tend to be more secure.