Controlling Permissions for Temporary Security Credentials
After AWS STS issues temporary security credentials, they are valid through the expiration period and cannot be revoked. However, the permissions assigned to temporary security credentials are evaluated each time a request is made that uses the credentials, so you can achieve the effect of revoking the credentials by changing their access rights after they have been issued.
The following topics assume you have a working knowledge of AWS permissions and policies. For more information on these topics, see Access Management.