Today, AWS Identity and Access Management (IAM) is announcing support for signing AWS API requests with the Sigv4A encryption algorithm using session tokens issued in the AWS GovCloud (US-West) Region. Cryptographically signing an AWS request with the Sigv4A algorithm allows you to send the request to service endpoints in any of the AWS GovCloud (US) Regions.
If workloads or callers in your account intend to sign AWS requests using Sigv4A, or you plan to adopt a specific AWS feature that requires it, configure the AWS Security Token Service (STS) endpoint in the AWS GovCloud (US-West) Region to vend session tokens that support the Sigv4A algorithm. You can configure this behavior either using the AWS IAM Console or calling the AWS IAM SetSecurityTokenServicePreferences API. Session tokens that support the Sigv4A algorithm are larger in size and match the size of session tokens issued by the STS endpoint in the AWS GovCloud (US-East) Region, which already supports the use of Sigv4A.
Source:: Amazon AWS