IAM users have permanent, long-term credentials and are associated with specific people. IAM roles do not have permanent credentials; instead, they provide temporary security credentials for users or services to assume the role and act under the permissions associated with the role.