I am trying to restrict users from assuming roles in other accounts. My goal is to create an IAM group. Then create an IAM policy that requires MFA authentication to assume rol