diff --git a/project.clj b/project.clj
index 647e09c3..e5fc9ecd 100644
--- a/project.clj
+++ b/project.clj
@@ -1,4 +1,4 @@
-(defproject sparkfund/aws-maven "5.1.3"
+(defproject sparkfund/aws-maven "5.1.4"
:description "Maven wagon for S3"
:url "http://github.com/SparkFund/aws-maven"
:license {:name "MIT License"
@@ -14,6 +14,8 @@
:exclusions [joda-time]]
[com.amazonaws/aws-java-sdk-s3 "1.9.40"
:exclusions [joda-time]]
+ [com.amazonaws/aws-java-sdk-sts "1.9.40"
+ :exclusions [joda-time]]
[joda-time "2.9.4"]
[org.apache.maven.wagon/wagon-provider-api "2.10"]
[org.clojure/clojure "1.8.0"]]
diff --git a/src/java/org/springframework/build/aws/maven/SimpleStorageServiceWagon.java b/src/java/org/springframework/build/aws/maven/SimpleStorageServiceWagon.java
index a03ecaf7..d22718f0 100644
--- a/src/java/org/springframework/build/aws/maven/SimpleStorageServiceWagon.java
+++ b/src/java/org/springframework/build/aws/maven/SimpleStorageServiceWagon.java
@@ -19,9 +19,8 @@
import com.amazonaws.AmazonServiceException;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.auth.AWSCredentialsProviderChain;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
-import com.amazonaws.auth.profile.ProfileCredentialsProvider;
+import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Client;
import com.amazonaws.services.s3.internal.Mimetypes;
@@ -46,8 +45,18 @@
* s3://static.springframework.org
would put files into the static.springframework.org
bucket
* on the S3 service.
*
username
and passphrase
portions of the server authentication
- * metadata for credentials.
+ * This implementation uses the default aws credentials provider chain, and
+ * will assume the role given in the env var
+ * SPARKFUND_AWS_MAVEN_ROLE
+ * if given.
+ *
+ * This explicit role assumption works around the current inconsitent behavior
+ * between the cli and the java sdk as noted here:
+ *
+ * https://github.com/aws/aws-sdk-java/issues/803
+ *
+ * Future implementations may want to revisit this when it is addressed and
+ * aws-maven is able to update to the latest java sdk versions.
*/
public final class SimpleStorageServiceWagon extends AbstractWagon {
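Review bot: The new class Javadoc does not say that credentials from the server authentication metadata (settings.xml username and passphrase) and the `maven` profile are no longer consulted, and the context lines above the added text still appear to mention the username and passphrase portions. Someone reading it could believe those credentials are still honoured while the build actually runs under whatever ambient identity is found. I would add a sentence such as `* Credentials in the server authentication metadata and the "maven" profile are ignored.`, and state that `SPARKFUND_AWS_MAVEN_ROLE` is expected to hold a role ARN. The word "inconsitent" in the added text should read "inconsistent".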
@@ -79,10 +88,14 @@ public SimpleStorageServiceWagon() {
protected void connectToRepository(Repository repository, AuthenticationInfo authenticationInfo,
ProxyInfoProvider proxyInfoProvider) throws AuthenticationException {
if (this.amazonS3 == null) {
+ String role = System.getenv("SPARKFUND_AWS_MAVEN_ROLE");
AWSCredentialsProvider credentialsProvider =
- new AWSCredentialsProviderChain(new AuthenticationInfoAWSCredentialsProviderChain(authenticationInfo),
- new ProfileCredentialsProvider("maven"),
- new DefaultAWSCredentialsProviderChain());
+ (role != null && !("".equals(role)))
+ ? new STSAssumeRoleSessionCredentialsProvider(new DefaultAWSCredentialsProviderChain(),
+ role,
+ java.util.UUID.randomUUID().toString())
+ : new DefaultAWSCredentialsProviderChain();
+
ClientConfiguration clientConfiguration = S3Utils.getClientConfiguration(proxyInfoProvider);
this.bucketName = S3Utils.getBucketName(repository);
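Review bot: The `authenticationInfo` argument is no longer read once this hunk drops `AuthenticationInfoAWSCredentialsProviderChain` and the `maven` profile provider, so a build that supplies server credentials in settings.xml silently runs with whatever `DefaultAWSCredentialsProviderChain` resolves. If that is intended, log a warning or throw `AuthenticationException` when `authenticationInfo` carries a username, rather than ignoring it. The STS provider is also constructed before `clientConfiguration` is computed and uses SDK default client settings, so the AssumeRole call presumably does not go through the Maven proxy configuration. Computing `clientConfiguration` first and using the constructor overload that accepts a `ClientConfiguration` would keep both clients consistent. A session name such as `"aws-maven-" + java.util.UUID.randomUUID()` would make these sessions easier to attribute in CloudTrail; the method body continues outside the hunk.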