Modern computer systems typically have different services and resources that can be accessed by users of the computer system. When users request access to the services and resources, such requests is generally verified before access is granted so that a user does not gain access to services and resources outside of that user's set of permissions. One system typically used for providing secure access to services and resources is based on creating short-term session credentials that are associated with a user. Once a session is established, a user can use the session credentials associated with the session to issue multiple requests over the life of that session. Typically, session credentials are encrypted and include a secret key that is used to sign each of the multiple requests over the life of the session.
A drawback of such sessions and the associated session credentials is that any service that can decrypt the session credentials can have access to the secret key. When such sessions are used across regions, providing access to secret keys can lead to increased vulnerabilities in computer systems. Additionally, when such sessions are used to assign roles across regions, regions may need to exchange potentially sensitive information within the sessions to allow access to the roles. Malicious actors could exploit such sensitive information to expose and take advantage of vulnerabilities in a computer system.