duo-labs / cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
BSD 3-Clause "New" or "Revised" License

Improve aws-vault/docker run documentation #835

Closed rafops closed 3 years ago

rafops commented 3 years ago

Hello duo-labs team,

I improved the instructions for aws-vault and docker run with the following changes:

Testing AWS credentials:

root@a0c4d5b34c92:/opt/cloudmapper# aws sts get-caller-identity
{
    "UserId": "AROAXXXXXXXXXXXXXXXXX:rafops",
    "Account": "111111111111",
    "Arn": "arn:aws:sts::111111111111:assumed-role/cloudmapper-role/rafops"
}

I ran the collection successfully in a relatively large account without any issues. Here are the results:

Collection:

root@a0c4d5b34c92:/opt/cloudmapper# python cloudmapper.py collect --account prod
* Getting region names
* Creating directory for each region name
* Getting iam:generate-credential-report info
...
--------------------------------------------------------------------
Summary: 2436 APIs called. 0 errors

All the best and happy holidays!

CLAassistant commented 3 years ago

CLA assistant check
All committers have signed the CLA.

0xdabbad00 commented 3 years ago

Were you using an IAM access key for aws-vault? I believe that if you do that without using MFA when you create the session, the IAM-related collection fails, which is why I needed to specify --no-session in order to use the access keys directly.
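
Added example, not part of the thread and not CloudMapper or aws-vault code: a preflight check for the situation raised in the last comment, run before `cloudmapper.py collect`. AWS documents that GetSessionToken credentials cannot call IAM APIs unless MFA was supplied, and that `AKIA`/`ASIA` prefix long-term and temporary access key IDs; the function names and sample values are hypothetical.

```shell
#!/bin/sh
# Added example: credential preflight before `python cloudmapper.py collect`.
# Function names are hypothetical; the sample input at the bottom is constructed.

# Pull the "Arn" value out of `aws sts get-caller-identity` JSON on stdin.
arn_from_identity() {
    sed -n 's/.*"Arn"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# classify_creds ACCESS_KEY_ID CALLER_ARN
# AKIA = long-term IAM user key, ASIA = temporary STS credentials.
classify_creds() {
    case "$1,$2" in
        *,arn:aws*:sts::*:assumed-role/*) echo "assumed-role" ;;
        AKIA*,arn:aws*:iam::*:user/*)     echo "long-term-key" ;;  # e.g. aws-vault exec --no-session
        ASIA*,arn:aws*:iam::*:user/*)     echo "user-session" ;;   # GetSessionToken for an IAM user
        *)                                echo "unknown" ;;
    esac
}

# preflight ACCESS_KEY_ID   (identity JSON on stdin)
# Returns non-zero when IAM collection is likely to fail or the type is unclear.
preflight() {
    verdict=$(classify_creds "$1" "$(arn_from_identity)")
    case "$verdict" in
        user-session)
            echo "WARN: IAM user session; IAM calls fail unless it was created with MFA" >&2
            return 1 ;;
        unknown)
            echo "WARN: unrecognised credential type" >&2
            return 2 ;;
        *)  echo "OK: $verdict" ;;
    esac
}

# Real use: aws sts get-caller-identity | preflight "$AWS_ACCESS_KEY_ID"
# Constructed demo input (no AWS call is made):
printf '{"UserId":"AIDAEXAMPLE","Account":"111111111111","Arn":"arn:aws:iam::111111111111:user/example"}\n' |
    preflight "ASIAEXAMPLEEXAMPLE00" || true
```

The check cannot tell whether a user session was created with MFA, so it warns on every IAM user session rather than guessing.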