Add mfa functionality

[ehlertij]

The IAM permissions changes are simple for this:

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "*",
      "Condition":{
         "NumericLessThan":{"aws:MultiFactorAuthAge":"3600"}
      }
    }
  ]
}

The aws_keys.yml file will require another field:

:mfa_serial_number: arn:aws:iam::123456789012:mfa/user.name

[ehlertij]

@anfleene want to review this?

[anfleene]

is this error message useful when you don't have mfa configured? Otherwise I'd rather catch it before we even try.

[anfleene]

Ah i guess it raises a custom exception MFATokenMissing thats probably good enough.

[anfleene]

The only thing thats a bit weird is how epically it fails when you don't have an arn set. Otherwise this is totally awesome. and works as expected 👍

[anfleene]

Here's the epic fail I'm talking about:

[anfleene]

Changes look good 👍 QA Passes