Changes API updates for the AWS Security Token Service
Changes This release adds the SourceIdentity parameter that can be set when assuming a role.
Changes Support tagging for STS sessions and tag based access control for the STS APIs
Changes New STS GetAccessKeyInfo API operation that returns the account identifier for the specified access key ID.
Changes AWS Security Token Service (STS) now supports passing IAM Managed Policy ARNs as session policies when you programmatically create temporary sessions for a role or federated user. The Managed Policy ARNs can be passed via the PolicyArns parameter, which is now available in the AssumeRole, AssumeRoleWithWebIdentity, AssumeRoleWithSAML, and GetFederationToken APIs. The session policies referenced by the PolicyArn parameter will only further restrict the existing permissions of an IAM User or Role for individual sessions.