export AWS_SESSION_EXPIRATION also

[RichardBronosky]

Observing that the output of aws sts assume-role includes the Expiration, I'd like to capture that data rather than discard it. $ aws sts assume-role --role-arn "$role_arn" --serial-number "$mfa_serial" --token-code "$(totp_generator -s aws)" --role-session-name "$(id -un)" { "Credentials": { "AccessKeyId": "AAAAAAAAAAAAAAAAAAAA", "SecretAccessKey": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", "SessionToken": "AAAAAAAAAAAAAAA//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", "Expiration": "2019-01-12T21:23:08Z" }, "AssumedRoleUser": { "AssumedRoleId": "AAAAAAAAAAAAAAAAAAAAA:bruno", "Arn": "arn:aws:sts::000000000000:assumed-role/allow-read-access-from-other-accounts/bruno" } }

I think a good name for this variable is AWS_SESSION_EXPIRATION to follow the pattern of most of the other variables. (That said, I also think ASSUMED_ROLE should be AWS_ASSUMED_ROLE, but that's a non backwards compatible change, and easy enough to fix with a wrapper.)

[russellballestrini]

Hey @RichardBronosky would you like to create 2 PRs:

• saving AWS_SESSION_EXPIRATION
• having assume-role set both ASSUMED_ROLE and AWS_ASSUMED_ROLE (to move toward a standard but not break people until deprecated properly)