Vamos a explicar cultura básica de IAM. IAM Roles y STS:AssumeRole.
¿QUÉ es un role?
An IAM role is an IAM entity that defines a set of permissions for making AWS service requests. IAM roles are not associated with a specific user or group. Instead, trusted entities assume roles, such as IAM users, applications, or AWS services such as EC2.