How to assume a role with AWS Security Token Service (STS)