rbd: add aws-sts-metdata encryption type

With Amazon STS and kubernetes cluster is configured with
OIDC identity provider, credentials to access Amazon KMS
can be fetched using oidc-token(serviceaccount token).
Each tenant/namespace needs to create a secret with aws region,
role and CMK ARN.
Ceph-CSI will assume the given role with oidc token and access
aws KMS, with given CMK to encrypt/decrypt DEK which will stored
in the image metdata.

Refer: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html
Resolves: #2879

Signed-off-by: Rakshith R <rar@redhat.com>

examples/kms/vault/csi-kms-connection-details.yaml

@@ -69,5 +69,10 @@ data:
       "IBM_KP_TOKEN_URL": "https://iam.cloud.ibm.com/oidc/token",
       "IBM_KP_REGION": "us-south-2",
     }
+  aws-sts-metadata-test: |-
+    {
+      "encryptionKMSType": "aws-sts-metadata",
+      "secretName": "ceph-csi-aws-credentials"
+    }
 metadata:
   name: csi-kms-connection-details