similar to https://github.com/aws-samples/sigv4-signing-examples but the varaint below invokes sts.GetCallerIdentity
where the AWS_SECRET_ACCESS_KEY
is embedded in a TPM
In other words, this sample will seal the AWS_SECRET_ACCESS_KEY
inside a TPM and then use the TPM to create an AWS v4 signature
at no time does the secret leave the TPM but it can be made to issue an hmac
for more info, see