diff --git a/docker_tasks/vector_ingest/Dockerfile b/docker_tasks/vector_ingest/Dockerfile
index 546e6a8..69c05ae 100644
--- a/docker_tasks/vector_ingest/Dockerfile
+++ b/docker_tasks/vector_ingest/Dockerfile
@@ -7,4 +7,6 @@ RUN pip install --upgrade pip
 COPY requirements.txt requirements.txt
 RUN pip install -r requirements.txt
 
+ENV FOOBAR="FOOBAZ"
+
 COPY handler.py handler.py
diff --git a/infrastructure/main.tf b/infrastructure/main.tf
index 116e7e8..c7a39ff 100644
--- a/infrastructure/main.tf
+++ b/infrastructure/main.tf
@@ -95,6 +95,8 @@ resource "local_file" "mwaa_variables" {
       ecs_cluster_name        = module.mwaa.cluster_name
       log_group_name          = module.mwaa.log_group_name
       mwaa_execution_role_arn = module.mwaa.mwaa_role_arn
+      assume_role_read_arn    = var.assume_role_arns[0]
+      assume_role_write_arn   = var.assume_role_arns[0]
       account_id              = local.account_id
       aws_region              = local.aws_region
       cognito_app_secret      = var.workflows_client_secret
diff --git a/infrastructure/mwaa_environment_variables.tpl b/infrastructure/mwaa_environment_variables.tpl
index f7743a3..aa2d57f 100644
--- a/infrastructure/mwaa_environment_variables.tpl
+++ b/infrastructure/mwaa_environment_variables.tpl
@@ -11,6 +11,8 @@
         "ACCOUNT_ID": "${account_id}",
         "AWS_REGION": "${aws_region}"
     },
+    "ASSUME_ROLE_READ_ARN": "${assume_role_read_arn}",
+    "ASSUME_ROLE_WRITE_ARN": "${assume_role_write_arn}",
     "COGNITO_APP_SECRET": "${cognito_app_secret}",
     "STAC_INGESTOR_API_URL": "${stac_ingestor_api_url}",
     "STAC_URL": "${stac_url}",