User

Group

Group is a container for IAM Users. Group can have inline and manage policy attached. Group cannot be used for authentication and dont have credentials. Group can’t be nested.

An AWS account can have up to 300 IAM Groups (soft limit, can be increased with a support ticket) An IAM User can be a member of up to 10 IAM Groups (Hard limit). No limit of how many IAM Users can be added as IAM Group member.

Group can’t be referred to as Principal in a Resource-based policy.