It is recommended and considered a standard security advice to grant least privileges that is, granting only the permissions required to perform a task. IAM policies are the means by which privileges are granted to users, groups, or roles. Determine what users need to do and then craft policies for them that let the users perform only those tasks, instead of granting full administrative privileges.
In AWS Console -
In Terraform -
References:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role