Too Long; Didn't Read
When to use Users vs Roles in AWS IAM is a confusing topic for many people but with the visuals and examples I’ll share, you'll realize it’s surprisingly simple. There are 4 parts to IAM, Users, Groups, Roles, and Policies. Users are for people, and roles are for AWS resources. Users can assume a temporary role and roles can be assumed by both users and roles. This is like letting a plumber walk into your house, but you give them temporary permission to get a job done, but they are no longer allowed in your house.