Full support for AWS keypair/secrets & Refactoring for local secrets/keypair #46

Merged (3 commits) on Nov 21, 2022

@massenz (Owner) commented Nov 20, 2022

The configuration of key pairs and secrets was not consistent, and rather unsatisfactory when it came to AWS.
This has now been consolidated under two properties: `keys` for the key properties, and `aws` for AWS connection configuration.

A good example of the use is in the `application.yaml` for the webapp; however, here is a simple snippet:

aws:
  region: us-west-2
  profile: default

keys:
  algorithm: PASSPHRASE
  location: aws_secret
  name: test-secret

and this is how to configure a key pair instead in AWS:

keys:
  algorithm: EC
  location: aws_secret
  name: demo-pair

The following options are currently available for the `location` field:

  # env:      env var name which contains the signing secret
  # file:     the file whose contents are the plaintext secret (NOT secure)
  #
  # keypair:    the filename without extension, to which `.pem` and `.pub` will be added
  # aws_secret: name of AWS SecretsManager secret
  # vault_path: path in HashiCorp Vault

See the docs and examples for more details.

@massenz massenz merged commit 50a17bb into main Nov 21, 2022
@massenz massenz deleted the key-refactoring branch November 21, 2022 17:58
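
Added example (not part of the PR or the project's code): a Python pre-flight check for the `keys`/`aws` properties described above, taking the already-parsed YAML as a dict. The function name `lint_keys_config`, the requirement that `aws.region` be set, and the treatment of `.pem` as the private half of the pair are assumptions of this example.

```python
import os
import stat

# Values of keys.location listed in the PR description above.
LOCATIONS = {"env", "file", "keypair", "aws_secret", "vault_path"}


def lint_keys_config(cfg, base_dir="."):
    """Return (severity, message) findings for a parsed application.yaml dict."""
    keys = cfg.get("keys") or {}
    loc, name = keys.get("location"), keys.get("name")
    if loc not in LOCATIONS:
        return [("error", f"unknown keys.location: {loc!r}")]
    if not name:
        return [("error", "keys.name is empty")]
    findings = []
    if loc == "file":
        # The PR itself marks this option as NOT secure.
        findings.append(("warn", f"plaintext secret kept on disk: {name}"))
    elif loc == "env" and not os.environ.get(name):
        findings.append(("error", f"environment variable {name} is unset"))
    elif loc == "aws_secret" and not (cfg.get("aws") or {}).get("region"):
        # Assumption: the aws block must at least name a region.
        findings.append(("error", "aws_secret requires aws.region"))
    elif loc == "keypair":
        for ext in (".pem", ".pub"):
            path = os.path.join(base_dir, name + ext)
            if not os.path.isfile(path):
                findings.append(("error", f"missing key file {path}"))
            # Assumption: .pem is the private half, so it should be owner-only.
            elif ext == ".pem" and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
                findings.append(("warn", f"{path} is accessible to group/other"))
    return findings


if __name__ == "__main__":
    # Constructed sample mirroring the key-pair snippet from the PR description.
    sample = {
        "aws": {"region": "us-west-2", "profile": "default"},
        "keys": {"algorithm": "EC", "location": "aws_secret", "name": "demo-pair"},
    }
    print(lint_keys_config(sample) or "no findings")
```
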