export AWS_SESSION_EXPIRATION also #41
Description
Observing that the output of aws sts assume-role includes the Expiration, I'd like to capture that data rather than discard it.
$ aws sts assume-role --role-arn "$role_arn" --serial-number "$mfa_serial" --token-code "$(totp_generator -s aws)" --role-session-name "$(id -un)"
{
"Credentials": {
"AccessKeyId": "AAAAAAAAAAAAAAAAAAAA",
"SecretAccessKey": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
"SessionToken": "AAAAAAAAAAAAAAA//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
"Expiration": "2019-01-12T21:23:08Z"
},
"AssumedRoleUser": {
"AssumedRoleId": "AAAAAAAAAAAAAAAAAAAAA:bruno",
"Arn": "arn:aws:sts::000000000000:assumed-role/allow-read-access-from-other-accounts/bruno"
}
}
I think a good name for this variable is AWS_SESSION_EXPIRATION to follow the pattern of most of the other variables. (That said, I also think ASSUMED_ROLE should be AWS_ASSUMED_ROLE, but that's a non backwards compatible change, and easy enough to fix with a wrapper.)