Title: Support SigV4 AuthN for Secret Discovery Service
Description:
AWS App Mesh intends to host an SDS endpoint for secret discovery related to AWS integrations (Certificate Manager, Secrets Manager, etc.).
The current documentation for SDS states:
> The connection between Envoy proxy and SDS server has to be secure. One option is to run the SDS server on the same host and use Unix Domain Socket for the connection. Otherwise it requires mTLS between the proxy and SDS server. In this case, the client certificates for the SDS connection must be statically configured.
As currently worded, the only supported options are a local domain socket and mTLS to the SDS server. However, with the recent addition of the AWS IAM SigV4 gRPC Credentials Extension, I would propose we update the documentation to include this as a valid mechanism for SDS AuthN.
An alternative approach would be to relax the wording in the documentation to be (a) Unix Domain Socket or (b) some authenticated connection to a remote SDS endpoint, but this may be too vague.
Happy to contribute the doc updates, but looking for buy-in on this issue before I proceed.
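What the proposed third option looks like in an Envoy bootstrap, as an added example that is not part of the issue and not App Mesh's or Envoy's own configuration: a cluster whose client certificate is delivered over SDS, with the SDS channel authenticated by the `envoy.grpc_credentials.aws_iam` call-credential plugin instead of a statically configured client certificate. The SDS hostname, the root CA path, the secret name, the `service_name` and the `region` are hypothetical values chosen for illustration; the plugin name and the `AwsIamConfig` type URL are the v3 API names. Note that the SigV4 plugin is a `call_credentials` entry, which only exists on the `google_grpc` client (not `envoy_grpc`), that it signs requests but does not encrypt them, so `ssl_credentials` with a pinned root CA is still needed to protect the secret material in transit, and that the proxy process must have AWS credentials available (environment, instance profile, or task role) for the signer to use.

```yaml
# Added example (not from the issue, Envoy, or App Mesh documentation).
# Hypothetical values: sds.appmesh.example.internal, /etc/ssl/certs/sds-root-ca.pem,
# the secret name backend_client_cert, service_name appmesh, region us-west-2.
static_resources:
  clusters:
  - name: backend
    type: STRICT_DNS
    connect_timeout: 1s
    load_assignment:
      cluster_name: backend
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: backend.internal, port_value: 8443 }
    transport_socket:
      name: envoy.transport_sockets.tls
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
        common_tls_context:
          # The client certificate presented to "backend" is fetched from SDS
          # rather than read from a file on disk.
          tls_certificate_sds_secret_configs:
          - name: backend_client_cert            # hypothetical secret name
            sds_config:
              resource_api_version: V3
              api_config_source:
                api_type: GRPC
                transport_api_version: V3
                grpc_services:
                # Call-credential plugins are a google_grpc feature; an
                # envoy_grpc service here would have no place to attach SigV4.
                - google_grpc:
                    target_uri: sds.appmesh.example.internal:443   # hypothetical
                    stat_prefix: sds_sigv4
                    channel_credentials:
                      # TLS to the SDS server, trusting only the pinned root CA.
                      # SigV4 authenticates the caller; it does not encrypt.
                      ssl_credentials:
                        root_certs:
                          filename: /etc/ssl/certs/sds-root-ca.pem   # hypothetical
                    call_credentials:
                    # Each SDS request is signed with SigV4 using the proxy's
                    # AWS credentials (env vars, instance profile, or task role).
                    - from_plugin:
                        name: envoy.grpc_credentials.aws_iam
                        typed_config:
                          "@type": type.googleapis.com/envoy.extensions.grpc_credentials.aws_iam.v3.AwsIamConfig
                          service_name: appmesh   # hypothetical signing service name
                          region: us-west-2       # hypothetical; defaults to AWS_REGION if omitted
```

For comparison with the two options the quoted documentation already covers: the mTLS variant keeps the same `ssl_credentials` block but adds `private_key` and `cert_chain` data sources pointing at statically provisioned files and drops `call_credentials` entirely, which is exactly the "client certificates must be statically configured" constraint the issue is trying to relax; the Unix domain socket variant uses a `target_uri` of the form `unix:///path/to/sds.sock` with no `channel_credentials`, relying on filesystem permissions on the socket for access control.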