Using temporary credentials to access resources, has long been a best practice and is usually straight-forward if the person or machine that is starting the action is already known in AWS (either by using IAM Identity Center, or because you are running inside the AWS Cloud). However, if you are running on a machine that exists outside of AWS you will need an extra component like AWS IAM Roles Anywhere to give you temporary credentials.
