From ab64918cb52d2469b663eaac9335ab096aa9621d Mon Sep 17 00:00:00 2001
From: Michael Ludvig <mludvig@logix.net.nz>
Date: Mon, 8 Feb 2016 00:09:44 +1300
Subject: [PATCH] Add support for AWS_SESSION_TOKEN environment variable.

According to http://blogs.aws.amazon.com/security/post/Tx3D6U6WSFGOK2H/A-New-and-Standardized-Way-to-Manage-Credentials-in-the-AWS-SDKs
the "official" environment variables that should be used for
AWS credentials should be:
AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN
This patch adds support for the latter (the first two are already
supported).
---
 lib/ansible/module_utils/ec2.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/ansible/module_utils/ec2.py b/lib/ansible/module_utils/ec2.py
index 7b93d9bb7e0..a360c2e6721 100644
--- a/lib/ansible/module_utils/ec2.py
+++ b/lib/ansible/module_utils/ec2.py
@@ -153,6 +153,8 @@ def get_aws_connection_info(module, boto3=False):
     if not security_token:
         if 'AWS_SECURITY_TOKEN' in os.environ:
             security_token = os.environ['AWS_SECURITY_TOKEN']
+        elif 'AWS_SESSION_TOKEN' in os.environ:
+            security_token = os.environ['AWS_SESSION_TOKEN']
         elif 'EC2_SECURITY_TOKEN' in os.environ:
             security_token = os.environ['EC2_SECURITY_TOKEN']
         else: