See Doc Create IAM users for different permissions, limited access to a specific resource, such as read only S3 bucket. Access tokens are generated, and can be used in applications. Access tokens can also be used with AWS CLI Read CLI Notes