Passes profile and region through the refreshable credential properly

security_hub_accepter.py

@@ -43,7 +43,6 @@ class NoPendingInviteException(Exception):
 
 class AssumeRoleProvider(object):
     METHOD = "assume-role"
-
     def __init__(self, fetcher):
         self._fetcher = fetcher
 
@@ -59,7 +58,8 @@ def filter_none_values(data):
 
 
 def assume_role(
-    session, role_arn, duration=3600, session_name=None, serial_number=None
+    session, role_arn, profile=None, duration=3600, session_name=None,
+    serial_number=None,
 ):
     fetcher = botocore.credentials.AssumeRoleCredentialFetcher(
         session.create_client,
@@ -74,7 +74,7 @@ def assume_role(
         ),
         cache=botocore.credentials.JSONFileCache(),
     )
-    role_session = botocore.session.Session()
+    role_session = botocore.session.Session(profile=profile)
     role_session.register_component(
         "credential_provider",
         botocore.credentials.CredentialResolver([AssumeRoleProvider(fetcher)]),
@@ -106,8 +106,12 @@ def main(
     role_arn = role_arn or None
 
     session = botocore.session.Session(profile=profile)
+    session.set_default_client_config(
+        botocore.client.Config(region_name=region)
+    )
+
     if role_arn:
-        session = assume_role(session, role_arn)
+        session = assume_role(session, role_arn, profile=profile)
 
     sechub = session.create_client("securityhub", region_name=region)