diff --git a/README.md b/README.md
index cf7ff8c..3e3db09 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,6 @@ A Terraform Module for configuring an integration with Lacework and AWS for Clou
 | sns\_topic\_arn | The SNS topic ARN. Usually in the form of: arn:aws:sns:::aws-controltower-AllConfigNotifications | `string` | n/a | yes |
 | cross\_account\_policy\_name | n/a | `string` | `""` | no |
 | enable\_log\_file\_validation | Specifies whether cloudtrail log file integrity validation is enabled | `bool` | `false` | no |
-| external\_id\_length | The length of the external ID to generate. Max length is 1224. Ignored when use\_existing\_iam\_role is set to true | `number` | `16` | no |
 | iam\_role\_arn | The IAM role ARN is required when setting use\_existing\_iam\_role to true | `string` | `""` | no |
 | iam\_role\_external\_id | The external ID configured inside the IAM role is required when setting use\_existing\_iam\_role to true | `string` | `""` | no |
 | iam\_role\_name | The IAM role name. Required to match with iam\_role\_arn if use\_existing\_iam\_role is set to true | `string` | `""` | no |
diff --git a/main.tf b/main.tf
index 9907f20..592190b 100644
--- a/main.tf
+++ b/main.tf
@@ -168,11 +168,10 @@ module "lacework_ct_iam_role" {
 aws = aws.log_archive
 }
 source = "lacework/iam-role/aws"
- version = "~> 0.1"
+ version = "~> 0.4"
 create = var.use_existing_iam_role ? false : true
 iam_role_name = local.iam_role_name
 lacework_aws_account_id = var.lacework_aws_account_id
- external_id_length = var.external_id_length
 tags = var.tags
 }
 
diff --git a/scripts/ci_tests.sh b/scripts/ci_tests.sh
index cfe60cb..8b18fca 100755
--- a/scripts/ci_tests.sh
+++ b/scripts/ci_tests.sh
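Review bot: In the main.tf hunk, the new constraint `version = "~> 0.4"` still accepts every 0.x release from 0.4 upward, and this module creates the cross-account IAM role that Lacework assumes, so a later upstream release could change the role's trust settings without any change in this repository. A patch-level range such as `version = "~> 0.4.0"` would keep upgrades deliberate. With `external_id_length` no longer passed, the external ID length is decided by the upstream module, which this diff does not show; it is worth confirming that it is not shorter than the previous default of 16. The module block begins above the hunk.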
@@ -27,9 +27,11 @@ write_aws_profiles() {
 echo "[918733600796_AWSAdministratorAccess]" > ~/.aws/credentials
 echo "aws_access_key_id = $AWS_ACCESS_KEY_ID" >> ~/.aws/credentials
 echo "aws_secret_access_key = $AWS_SECRET_ACCESS_KEY" >> ~/.aws/credentials
+ echo "aws_session_token = $AWS_SESSION_TOKEN" >> ~/.aws/credentials
 echo "[287453222145_AWSAdministratorAccess]" >> ~/.aws/credentials
 echo "aws_access_key_id = $AWS_ACCESS_KEY_ID" >> ~/.aws/credentials
 echo "aws_secret_access_key = $AWS_SECRET_ACCESS_KEY" >> ~/.aws/credentials
+ echo "aws_session_token = $AWS_SESSION_TOKEN" >> ~/.aws/credentials
 chmod 600 ~/.aws/credentials
 fi
 }
diff --git a/variables.tf b/variables.tf
index 971b40b..7a747a5 100644
--- a/variables.tf
+++ b/variables.tf
@@ -47,7 +47,7 @@ variable "iam_role_external_id" {
 variable "external_id_length" {
 type = number
 default = 16
- description = "The length of the external ID to generate. Max length is 1224. Ignored when use_existing_iam_role is set to true"
+ description = "**Deprecated** - Will be removed on our next major release v1.0.0"
 }
 
 variable "prefix" {
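Review bot: Both added `aws_session_token` lines in scripts/ci_tests.sh are written unconditionally, so a run that has long-lived keys and no `AWS_SESSION_TOKEN` leaves an empty `aws_session_token = ` entry in each profile. How the AWS tooling treats an empty token is not shown here, so guarding each write is safer: `if [ -n "$AWS_SESSION_TOKEN" ]; then echo "aws_session_token = $AWS_SESSION_TOKEN" >> ~/.aws/credentials; fi`. The credentials file is also created by the first `>` redirect under the default umask and only tightened by `chmod 600` once every secret, now including the session token, has been written; a `umask 077` before the first write would close that window. The enclosing `if` and the start of write_aws_profiles are outside the hunk.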
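Review bot: In the variables.tf hunk, `external_id_length` keeps its `default = 16`, but the main.tf hunk of this commit no longer passes it to the iam-role module, so a caller who sets it gets no error and no effect. The new description only announces the removal; it should also say the value is ignored, for example `description = "**Deprecated** - No longer used and ignored. Will be removed in the next major release, v1.0.0"`. The README row for this input is dropped in the same commit while the variable still exists, so the documented inputs and the accepted inputs disagree until v1.0.0.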