Launch a CloudFormation template using assume-role through Jenkins
I am trying to run a Jenkins job that deploys a CloudFormation template using AWS assume-role. I have created an IAM role (test-role) in AWS and given it full CloudFormation access.
I am getting an invalid session-token error.
Jenkinsfile
pipeline {
    agent any
    stages {
        stage('Git Checkout') {
            steps {
                checkout([$class: 'GitSCM', branches: [[name: 'test/01']], extensions: [], userRemoteConfigs: [[credentialsId: 'git-cred', url: 'https://github.com/xyz/test.git']]])
            }
        }
        stage('Creating EC2') {
            steps {
                withAWS(roleAccount: 'xxxxxxxxx', role: 'test-role', region: 'us-east-1') {
                    script {
                        '''
                        codeBuildResult = awsCodeBuild
                        region: 'us-east-1',
                        sourceControlType: 'project',
                        credentialsType: 'keys',
                        awsAccessKey: env.AWS_ACCESS_KEY_ID,
                        awsSecretKey: env.AWS_SECRET_ACCESS_KEY,
                        awsSessionToken: env.AWS_SESSION_TOKEN
                        '''
                        // --parameter-overrides takes space-separated Key=Value pairs
                        sh """
                            aws cloudformation deploy \
                                --template-file aws/cloudformation/ec2Cft.yml \
                                --stack-name "${environment}-${product}-ec2" \
                                --parameter-overrides \
                                    environment="${environment}" \
                                    product="${product}" \
                                    keyName="${keyName}" \
                                    instanceType="${instanceType}" \
                                    ec2RootVolumeSize="${ec2RootVolumeSize}" \
                                --region ${REGION}
                        """
                    }
                }
            }
        }
    }
    post {
        always {
            cleanWs()
        }
    }
}
Console Output
[Pipeline] { (Creating EC2)
[Pipeline] withAWS
Setting AWS region us-east-1
Requesting assume role
Assuming role ARN is arn:aws:iam::xxxxxxxxx:role/test-role
> git rev-parse "refs/remotes/origin/test/01^{commit}" # timeout=10
> git rev-parse "test/01^{commit}" # timeout=10
> git config core.sparsecheckout # timeout=10
> git checkout -f 76278dc2c19f26845fda9714049acb1 # timeout=10
[Pipeline] // withAWS
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Declarative: Post Actions)
[Pipeline] cleanWs
[WS-CLEANUP] Deleting project workspace...
[WS-CLEANUP] Deferred wipeout is used...
[WS-CLEANUP] done
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: The security token included in the request is expired (Service: AWSSecurityTokenService; Status Code: 403; Error Code: ExpiredToken; Request ID: 87305816-e1ed-4647-b303-fa47d6186506; Proxy: null)