Been using https://github.com/broamski/aws-mfa to handle MFA for AWS with much success. I have three users who get the following error when trying to use it:
An error occurred (AccessDenied) when calling the GetSessionToken operation: MultiFactorAuthentication failed, unable to validate MFA code. Please verify your MFA serial number is valid and associated with this user.
Any ideas on how to troubleshoot? I have 20+ users that are just fine; I'm at the end of my rope on what these three users are doing different. I've verified that they didn't do a bad copy-pasta into their credentials file.
you get this if you haven't specified a profile (either inline or as an env variable). You don't need to delete your default profile, if a named profile is not specified in the context then it uses the default profile.
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
$ export AWS_PROFILE=user1