The resulting credentials can be used for requests where multi-factor authentication (MFA) is required by policy. The credentials expire 15 minutes after they are generated. aws sts get-session-token –duration-seconds 900 –serial-number “YourMFADeviceSerialNumber” –token-code 123456. Output: …
https://docs.aws.amazon.com/cli/latest/reference/sts/get-session-token.html