The IAM GetUser call requires additional IAM permissions for users that the STS call does not require therefore the less friction-y approach for getting this information is to rely on the STS service to acquire the credentials.
This issue was discovered during some on-site user testing where we learned that the AWS credentials some users were issued by their AWS admin did not have the necessary IAM permissions thus requiring the admin to begrudgingly modify their AWS accounts permissions to proceed.
The IAM GetUser call requires additional IAM permissions for users that the STS call does not require therefore the less friction-y approach for getting this information is to rely on the STS service to acquire the credentials.
This issue was discovered during some on-site user testing where we learned that the AWS credentials some users were issued by their AWS admin did not have the necessary IAM permissions thus requiring the admin to begrudgingly modify their AWS accounts permissions to proceed.