binbashar / le-tf-infra-aws

Terraform code for Leverage Reference Architecture for AWS, designed under optimal configs for the most popular modern web and mobile applications needs.
https://www.binbash.co/leverage
Apache License 2.0
24 stars 7 forks

Documentation regarding MFA creation using base_identities, clarify MFA name #457

Open juanmatias opened 1 year ago

juanmatias commented 1 year ago

What?

In the documentation, regarding the MFA creation we have these lines:

Proceed to enable a virtual MFA device for your user, and generate programmatic keys for it. Make sure to keep these keys in a safe location.

It should be clarified that the user name has to be used in order to be able to create the MFA. E.g.:

Proceed to enable a virtual MFA device for your user (name it after your username), and generate programmatic keys for it. Make sure to keep these keys in a safe location.

Why?

Based on the self-management policy created by the base_identities layer, we have the iam:CreateVirtualMFADevice but the resource is limited to arn:aws:iam::${var.accounts[var.environment].id}:mfa/$${aws:username}. This means the MFA should be named the same as the username.
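An added example (not part of the original issue and not the project's code) that walks the resource string quoted above through Terraform's `$${` escape and IAM's `${aws:username}` substitution, then checks which virtual MFA device names it covers. The account id `111111111111`, the user `jane.doe`, the device names and all function names are constructed for illustration; the matcher is a simplified model of IAM resource matching and assumes no other policy grants the action.

```python
import re

# Resource string as quoted in the issue (Terraform source form).
TF_RESOURCE = "arn:aws:iam::${var.accounts[var.environment].id}:mfa/$${aws:username}"
TF_ACCOUNT_REF = "${var.accounts[var.environment].id}"


def render_terraform(template: str, account_id: str) -> str:
    """Mimic Terraform rendering: '$${' is an escaped literal '${', while the
    ${var...} interpolation is replaced by the account id."""
    marker = "\x00"
    rendered = template.replace("$${", marker)
    rendered = rendered.replace(TF_ACCOUNT_REF, account_id)
    return rendered.replace(marker, "${")


def resolve_policy_variables(resource: str, context: dict) -> str:
    """Substitute IAM policy variables such as ${aws:username} with values
    from the request context, as happens at policy evaluation time."""
    return re.sub(r"\$\{([^}]+)\}", lambda m: context[m.group(1)], resource)


def resource_matches(pattern: str, arn: str) -> bool:
    """Simplified model: '*' matches any run of characters, '?' matches one
    character, everything else is compared literally."""
    regex = "".join(
        ".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern
    )
    return re.fullmatch(regex, arn, re.DOTALL) is not None


def can_create_mfa(user_name: str, device_name: str, account_id: str) -> bool:
    """True if the policy resource covers the MFA ARN being requested."""
    policy_resource = render_terraform(TF_RESOURCE, account_id)
    allowed = resolve_policy_variables(policy_resource, {"aws:username": user_name})
    requested = f"arn:aws:iam::{account_id}:mfa/{device_name}"
    return resource_matches(allowed, requested)


if __name__ == "__main__":
    account, user = "111111111111", "jane.doe"  # constructed sample values
    for device in (user, "my-phone", user + "-backup"):
        ok = can_create_mfa(user, device, account)
        print(f"{device:>16}: {'allowed' if ok else 'not covered by the policy'}")
```

Only the device named exactly like the calling user falls inside the allowed resource, which is why the documentation needs to tell users to name the virtual MFA device after their username.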

exequielrafaela commented 1 month ago

We're now favoring the AWS IdC SSO approach (https://leverage.binbash.co/try-leverage/enabling-sso/) over IAM. In case we still need to update this in the future, we'll re-open this issue. We'll keep it under review until we update the SSO setup steps, though (ref: https://binbashar.slack.com/archives/GG0PJ78J3/p1716303230856489)

diego-ojeda-binbash commented 3 weeks ago

Updated SSO additional steps here: https://github.com/binbashar/le-ref-architecture-doc/pull/220