Scenario User/Role Recommendation
You're the only one in your account IAM user Do not use ROOT user
Your team needs access to your AWS account and there is no other
identity mechanism
IAM users Use IAM Groups to
manage policies
EC2 instance talks with Amazon S3 or a database IAM role
Cross Account Access IAM role