AssumeRoleTokenProviderNotSetError

[ledor473]

When attempting to use ssm-helpers using an IAM Role with MFA Enabled, I get the following error:

$ ssm session --region us-east-1 --profile profile-with-mfa

FATAL   Error when trying to create session:
AssumeRoleTokenProviderNotSetError: assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.

Based on this blog post the change is minimal and would likely be safe to add to this project: https://aws.amazon.com/blogs/developer/assume-aws-iam-roles-with-mfa-using-the-aws-sdk-for-go/

There’s no harm in always setting the AssumeRoleTokenProvider session for applications that will always be run by a person. The field is only used if the shared configuration’s profile has a role to assume, and then sets the mfa_serial field. Otherwise, the option is ignored.
and

The SDK doesn’t automatically set the AssumeRoleTokenProvider with a default value. This is because of the risk of halting an application unexpectedly while the token provider waits for a nonexistent user to provide a value due to a configuration change. You must set this value to use MFA roles with the SDK.