diff --git a/.changelog/25681.txt b/.changelog/25681.txt
new file mode 100644
index 00000000000..49fc64a8792
--- /dev/null
+++ b/.changelog/25681.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+provider: Ensure that the configured `assume_role_with_web_identity` value is used
+```
\ No newline at end of file
diff --git a/internal/conns/config.go b/internal/conns/config.go
index 7bfd3100fdf..23713b73155 100644
--- a/internal/conns/config.go
+++ b/internal/conns/config.go
@@ -83,6 +83,7 @@ func (c *Config) Client(ctx context.Context) (interface{}, diag.Diagnostics) {
 	awsbaseConfig := awsbase.Config{
 		AccessKey:                     c.AccessKey,
 		APNInfo:                       StdUserAgentProducts(c.TerraformVersion),
+		AssumeRoleWithWebIdentity:     c.AssumeRoleWithWebIdentity,
 		CallerDocumentationURL:        "https://registry.terraform.io/providers/hashicorp/aws",
 		CallerName:                    "Terraform AWS Provider",
 		EC2MetadataServiceEnableState: c.EC2MetadataServiceEnableState,