An IAM Role is an IAM identity that you can create in AWS. Roles have permissions policies that determine what the identity can and cannot do in AWS. Roles are used to delegate access to users, applications, or services that don't have long-term credentials (like a username and password or access keys).