diff --git a/include/assume_role b/include/assume_role
index 75521329..53158ec6 100644
--- a/include/assume_role
+++ b/include/assume_role
@@ -21,6 +21,9 @@ assume_role(){
 # In some cases you will need more than 1h.
 if [[ -z $SESSION_DURATION_TO_ASSUME ]]; then
 SESSION_DURATION_TO_ASSUME="3600"
+ elif [[ "${SESSION_DURATION_TO_ASSUME}" -gt "43200" ]] || [[ "${SESSION_DURATION_TO_ASSUME}" -lt "900" ]]; then
+ echo "$OPTRED ERROR!$OPTNORMAL - Role session duration must be more than 900 seconds and less than 4300 seconds"
+ exit 1
 fi
 
 # temporary file where to store credentials
@@ -52,6 +55,11 @@ assume_role(){
 rm -f $TEMP_STS_ASSUMED_FILE
 EXITCODE=1
 exit $EXITCODE
+ elif [[ "$(grep MaxSessionDuration $TEMP_STS_ASSUMED_FILE)" ]]; then
+ textFail "The requested DurationSeconds exceeds the MaxSessionDuration set for the role ${PROWLER_ROLE}"
+ rm -f $TEMP_STS_ASSUMED_FILE
+ EXITCODE=1
+ exit $EXITCODE
 fi
 
 # assume role command
@@ -80,4 +88,3 @@ assume_role(){
 export AWS_SESSION_EXPIRATION=$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.Expiration | sub("\\+00:00";"Z") | fromdateiso8601')
 rm -fr $TEMP_STS_ASSUMED_FILE
 }
-
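Review bot: The error message on the new `echo` line says "less than 4300 seconds" while the guard compares against 43200, so a value such as 10000 that the guard accepts would be described as out of range by the message, and the bounds are inclusive (`-lt 900` rejects only values below 900). Suggest `echo "$OPTRED ERROR!$OPTNORMAL - Role session duration must be between 900 and 43200 seconds"`. This branch reports the failure with a bare `echo` and `exit 1` whereas the other branch added by this commit uses `textFail` and `EXITCODE`; the two should be made consistent. Note also that `-gt`/`-lt` inside `[[ ]]` arithmetically evaluate their operands, so a non-numeric value is not rejected here; a `[[ "$SESSION_DURATION_TO_ASSUME" =~ ^[0-9]+$ ]]` check before the comparison would make the validation strict. assume_role's body continues outside the hunk.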
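Review bot: The new `elif` detects the error string by capturing `grep` output in a command substitution and testing it as a non-empty string; `grep -q` states the intent directly, avoids the subshell, and lets the filename be quoted: `elif grep -q MaxSessionDuration -- "$TEMP_STS_ASSUMED_FILE"; then`. Whether this branch is ever reached depends on the preceding `if` condition, which lies outside the hunk; if that branch already matches any STS error written to the temp file, this `elif` never runs and the more specific message is lost, so the ordering is worth confirming. The enclosing `if` and assume_role itself start before the hunk.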