Support MFA authentication for first-time kubeConfig/certificate retrieval when accessing multiple ACK clusters

[thehackercat]

Hi 👋, I’m using Alibaba Cloud ACK service and would like to request a feature for ack-ram-tool.

Feature request:
On a bastion host, I can use ack-ram-tool or temporary kubeconfig to access multiple ACK clusters. However, I’d like to strengthen security by requiring MFA (multi-factor authentication) during the first-time certificate retrieval.

Question:
Does ack-ram-tool currently support this use case, or could MFA be integrated to enforce additional security when obtaining cluster credentials?

[mozillazg]

@thehackercat Unfortunately, Alibaba Cloud does not currently support the use of MFA for secondary verification of API requests made outside of the console.