digitickets / terraform-aws-cli

Run the AWS CLI, with the ability to run under an assumed role, to access resources and properties missing from the Terraform AWS Provider.

[Issue 11] - Allow use of `profile` and `assume_role_arn` for CLI Execution #12

Closed GarrettBlinkhorn closed 5 months ago

GarrettBlinkhorn commented 5 months ago

@rquadling Would you mind reviewing this PR when you have a minute? It resolves https://github.com/digitickets/terraform-aws-cli/issues/11 and I'd love to get it merged so that I can avoid forking this module instead.

Purpose

When you include both a profile and an assume_role_arn as inputs to the module, the module should use the provided profile to assume the role, then execute the CLI command using the temporary credentials for the assumed role.

Currently, the module includes the profile param as part of the CLI execution by default, which prevents the temporary credentials for the assumed role from being used.

This PR resolves that issue by adding an if condition to the CLI execution which checks if both profile and assume_role_arn have been provided - when true, the profile param is excluded from the CLI execution so that the temporary credentials will be used instead. When false, CLI execution continues as normal.

See the related issue below for a detailed write-up of the problem described here.

Additionally, this PR resolves a typo found in the sts assume-role operation that prevents successful execution of that portion of the script when it is needed.

This PR means that the module more accurately achieves its mission by allowing you to use a profile to assume a role to execute the CLI command with:

Run the AWS CLI, with the ability to run under an assumed role, to access resources and properties missing from the Terraform AWS Provider.

Related Issue

This PR resolves the Issue described here: https://github.com/digitickets/terraform-aws-cli/issues/11

Testing

I've made these changes locally and confirmed that I was able to execute the module using the assume_role_arn when both profile and assume_role_arn were provided.
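
The behaviour described in the PR above, as an added example that is not part of the PR or the module's own script: the profile is used only for the `sts assume-role` call, and the requested command then runs on the temporary credentials without `--profile`. The function name `run_aws_cli`, its argument order and the session-name argument are assumptions made for illustration.

```shell
# Added illustration, not the module's own script. run_aws_cli, its argument
# order and the session-name parameter are hypothetical.
# Usage: run_aws_cli PROFILE ROLE_ARN SESSION_NAME <aws cli arguments...>
# PROFILE and ROLE_ARN may each be the empty string.
# The body runs in a subshell, so the exported temporary credentials never
# reach the caller's environment.
run_aws_cli() (
  profile="$1"; role_arn="$2"; session_name="$3"
  shift 3

  if [ -z "$role_arn" ]; then
    # No role requested: run the command as the profile, or with the
    # default credential chain when no profile was given.
    aws ${profile:+--profile "$profile"} "$@"
    exit $?
  fi

  # Role requested: the profile (if any) is only the identity that calls
  # sts assume-role. --query/--output text yields one tab-separated line.
  creds="$(aws ${profile:+--profile "$profile"} sts assume-role \
    --role-arn "$role_arn" \
    --role-session-name "$session_name" \
    --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
    --output text)" || exit 1

  read -r key secret token <<EOF
$creds
EOF
  if [ -z "$key" ] || [ -z "$secret" ] || [ -z "$token" ]; then
    echo "assume-role returned incomplete credentials" >&2
    exit 1
  fi

  # Run the requested command with the temporary credentials only:
  # no --profile here, so the role's identity is the one that is used.
  export AWS_ACCESS_KEY_ID="$key"
  export AWS_SECRET_ACCESS_KEY="$secret"
  export AWS_SESSION_TOKEN="$token"
  aws "$@"
)
```

A call such as `run_aws_cli deploy <role-arn> tf-session s3api list-buckets` fails closed: if the assume-role call errors or returns fewer than three fields, the requested command is never run on the profile's own permissions.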

rquadling commented 5 months ago

I hope the newly released v6.1.0 will cover this.