From 9d1684c3f048033224011a5c35d2631d1e8e291c Mon Sep 17 00:00:00 2001
From: micafer <micafer1@upv.es>
Date: Tue, 24 Jan 2023 13:20:44 +0100
Subject: [PATCH] Implements #1459

---
 IM/connectors/EC2.py  | 2 ++
 doc/source/client.rst | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/IM/connectors/EC2.py b/IM/connectors/EC2.py
index 0533e3bec..aa15a7087 100644
--- a/IM/connectors/EC2.py
+++ b/IM/connectors/EC2.py
@@ -186,8 +186,10 @@ def get_connection(self, region_name, auth_data):
                 if 'username' in auth and 'password' in auth:
                     region = boto.ec2.get_region(region_name)
                     if region:
+                        token = auth.get('token')
                         conn = boto.vpc.VPCConnection(aws_access_key_id=auth['username'],
                                                       aws_secret_access_key=auth['password'],
+                                                      security_token=token,
                                                       region=region)
                     else:
                         raise Exception(
diff --git a/doc/source/client.rst b/doc/source/client.rst
index 0d8a2fcf6..0e1e26650 100644
--- a/doc/source/client.rst
+++ b/doc/source/client.rst
@@ -306,7 +306,8 @@ The available keys are:
 
 * ``token`` indicates the OpenID token associated to the credential. This field is used in the EGI, OCCI plugins
   and also to authenticate with the InfrastructureManager. To refer to the output of a command you must
-  use the function "command(command)" as shown in the examples.
+  use the function "command(command)" as shown in the examples. It can be also used in the EC2 connector
+  to specify the security token associated with temporary credentials issued by STS.
 
 * ``vo`` indicates the VO name associated to the credential. This field is used in the EGI plugin.