Add support for session token to assume_role action

CHANGES.md

@@ -1,5 +1,8 @@
 ## Change Log
 
+## 1.0.1
+- Add support for AWS session token to `assume_role` action
+
 ## 1.0.0
 
 * Drop Python 2.7 support

actions/assume_role.py

@@ -13,7 +13,8 @@ class Boto3AssumeRoleRunner(Action):
     def run(self, role_arn,
             policy=None, duration=3600, external_id=None,
             aws_access_key_id=None, aws_secret_access_key=None,
-            use_mfa=False, serial_number=None, token_code=None):
+            use_mfa=False, serial_number=None, token_code=None,
+            use_session_token=False, aws_session_token=None):
 
         success = False
         result = dict()
@@ -23,6 +24,9 @@ def run(self, role_arn,
         if aws_access_key_id and aws_secret_access_key:
             sts_kwargs['aws_access_key_id'] = aws_access_key_id
             sts_kwargs['aws_secret_access_key'] = aws_secret_access_key
+
+        if use_session_token:
+            sts_kwargs['aws_session_token'] = aws_session_token
 
         client = boto3.client('sts', **sts_kwargs)
 

actions/assume_role.yaml

@@ -39,3 +39,11 @@ parameters:
     type: "string"
     description: "Token code from the MFA"
     secret: true
+  use_session_token:
+    type: "boolean"
+    description: "Include session token"
+    default: False
+  aws_session_token:
+    type: "string"
+    description: "Session token"
+    secret: true

pack.yaml

@@ -19,7 +19,7 @@ keywords:
   - RDS
   - SQS
   - lambda
-version: 1.0.0
+version: 1.0.1
 author : StackStorm, Inc.
 email : info@stackstorm.com
 contributors: