From 8f9bd6e5b99b261e1bd91665ca3daedb01da1ee7 Mon Sep 17 00:00:00 2001
From: Anton Timiskov <anton.timiskov@software.dell.com>
Date: Tue, 6 Dec 2016 21:19:30 +0300
Subject: [PATCH] Support of using AWS IAM Role Access keys

`x-amz-security-token` header is required in HTTP Requests
---
 dnsapi/dns_aws.sh | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/dnsapi/dns_aws.sh b/dnsapi/dns_aws.sh
index ca79326b..7655a9bc 100644
--- a/dnsapi/dns_aws.sh
+++ b/dnsapi/dns_aws.sh
@@ -1,4 +1,4 @@
-#!/usr/bin/env sh
+#!/usr/bin/env bash
 
 #
 #AWS_ACCESS_KEY_ID="sdfsdfsdfljlbjkljlkjsdfoiwje"
@@ -29,6 +29,10 @@ dns_aws_add() {
 
   _saveaccountconf AWS_ACCESS_KEY_ID "$AWS_ACCESS_KEY_ID"
   _saveaccountconf AWS_SECRET_ACCESS_KEY "$AWS_SECRET_ACCESS_KEY"
+  
+  if [ ! -z "$AWS_SESSION_TOKEN" ]; then
+    _saveaccountconf AWS_SESSION_TOKEN "$AWS_SESSION_TOKEN"
+  fi 
 
   _debug "First detect the root zone"
   if ! _get_root "$fulldomain"; then
@@ -201,6 +205,11 @@ aws_rest() {
   _H3="Authorization: $Authorization"
   _debug _H3 "$_H3"
 
+  if [ ! -z "$AWS_SESSION_TOKEN" ]; then
+    _H4="x-amz-security-token: $AWS_SESSION_TOKEN"
+    _debug _H4 "$_H4"
+  fi 
+  
   url="$AWS_URL/$ep"
 
   if [ "$mtd" = "GET" ]; then