It is important to note that AWS strongly discourages the use of IAM users for both human and non-human entities due to the security vulnerabilities associated with long-term credentials, even when enhanced with MFA. Instead, it is recommended to employ federation with identity providers for human users, granting access via temporary credentials. For non-human users or systems, leveraging IAM roles or integrating with third-party security vaults that issue temporary credentials is advised. IAM users should be considered only as a last resort when no other secure method is feasible. In such a situation, it is crucial to enhance their security by applying the best practices discussed in this section.