AWS recommend creating individual IAM users and assigning the least privilege
necessary for them to perform their role
You should use groups to assign permissions to IAM users and should avoid embedding access keys
in application code
For extra security, AWS recommend that you require multi-factor authentication (MFA) for all
users in your account. For privileged IAM users who are allowed to access sensitive resources or
API operations, AWS recommend using U2F or hardware MFA devices