diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4030974..a34b3a2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## v1.2.0
+
+- [Allow specifying `aws_iam_role#max_session_duration`](https://github.com/babbel/terraform-aws-iam-role-for-github-repository/pull/12)
+
 ## v1.1.0
 
 - [Relax version constraints for modules](https://github.com/babbel/terraform-aws-iam-role-for-github-repository/pull/7)
diff --git a/main.tf b/main.tf
index 02b46ef..2e4ccf6 100644
--- a/main.tf
+++ b/main.tf
@@ -25,7 +25,8 @@ locals {
 resource "aws_iam_role" "this" {
   name = "github-actions-${md5(data.aws_iam_policy_document.this.json)}"
 
-  assume_role_policy = data.aws_iam_policy_document.this.json
+  assume_role_policy   = data.aws_iam_policy_document.this.json
+  max_session_duration = var.max_session_duration
 
   tags = var.tags
 }
diff --git a/variables.tf b/variables.tf
index 684930a..cb33d57 100644
--- a/variables.tf
+++ b/variables.tf
@@ -55,6 +55,17 @@ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/i
 EOS
 }
 
+variable "max_session_duration" {
+  type    = number
+  default = null
+
+  description = <<EOS
+Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
+
+https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role#max_session_duration
+EOS
+}
+
 variable "openid_audience" {
   type    = string
   default = "sts.amazonaws.com"