nccgroup / opinel

Python code shared by Scout2 and AWS-Recipes
GNU General Public License v2.0

Having opinel use the standard `mfa_serial` AWS configuration variable. #20

Closed grettir closed 6 years ago

grettir commented 6 years ago

Currently opinel looks for the custom configuration variable `aws_mfa_serial` in the `~/.aws/credentials` file to get the ARN of the MFA device.

For instance, my current `~/.aws/credentials` file might look like this:

```ini
[development]
aws_access_key_id=foo
aws_secret_access_key=bar
aws_mfa_serial=arn:aws:iam::XXXXXXXXXXXX:mfa/john.doe
```

However, the AWS/boto3 configuration variables have changed a bit since opinel was first introduced. When assuming roles, boto3 now looks for the ARN of the MFA device via the `mfa_serial` variable in the `~/.aws/config` file.

It would be nice if opinel used the `mfa_serial` variable in the `~/.aws/config` file, too, both for assuming roles and other standard operations.

So a typical configuration might look something like this…

In ~/.aws/credentials:

```ini
[development]
aws_access_key_id=foo
aws_secret_access_key=bar
```

In ~/.aws/config:

```ini
[profile development]
mfa_serial=arn:aws:iam::XXXXXXXXXXXX:mfa/john.doe
region=us-east-1
output=json

[profile crossaccount]
source_profile=development
role_arn=arn:aws:iam::XXXXXXXXXXXX:role/whatever
mfa_serial=arn:aws:iam::XXXXXXXXXXXX:mfa/john.doe
region=us-east-1
output=json
```

l01cd3v commented 6 years ago

Thanks, I'll look into this.

l01cd3v commented 6 years ago

I think that this should be fixed now. If `mfa_serial` or `aws_mfa_serial` is found, it will be used. If it is specified in the `[profile]`, this will overwrite anything coming from upstream.
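
The lookup discussed in this thread, sketched as an added example (not opinel's actual code): either key is accepted, and a value set on the profile itself wins over one inherited through `source_profile`. The precedence order, the `resolve_mfa_serial` name and the sample files are assumptions made for illustration.

```python
import configparser
# Standard boto3/AWS CLI key first, legacy opinel key second.
MFA_KEYS = ("mfa_serial", "aws_mfa_serial")
# Constructed sample files, modelled on the ones in the issue.
CREDENTIALS = """
[development]
aws_access_key_id=foo
aws_secret_access_key=bar
aws_mfa_serial=arn:aws:iam::XXXXXXXXXXXX:mfa/legacy
"""
CONFIG = """
[profile development]
region=us-east-1

[profile crossaccount]
source_profile=development
role_arn=arn:aws:iam::XXXXXXXXXXXX:role/whatever

[profile override]
source_profile=development
mfa_serial=arn:aws:iam::XXXXXXXXXXXX:mfa/john.doe
"""

def _parse(text):
    parser = configparser.RawConfigParser()
    parser.read_string(text)
    return parser

def _lookup(parser, section):
    """Return the MFA device ARN set in one section, or None."""
    for key in MFA_KEYS:
        value = parser.get(section, key, fallback=None)
        if value:
            return value.strip()
    return None

def resolve_mfa_serial(profile, credentials_text=CREDENTIALS, config_text=CONFIG):
    """Assumed precedence: the profile's own sections, then its source_profile chain."""
    creds, config = _parse(credentials_text), _parse(config_text)
    seen = set()
    while profile and profile not in seen:  # stop on source_profile loops
        seen.add(profile)
        section = profile if profile == "default" else "profile " + profile
        serial = _lookup(config, section) or _lookup(creds, profile)
        if serial:
            return serial
        profile = config.get(section, "source_profile", fallback=None)
    return None
```

A `None` result means no MFA device is configured anywhere in the chain, which is worth surfacing to the user before an MFA-protected call fails.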