IAM user with permanent programmatic access/root access keys may lead to data leak.
As a best practice, use temporary security credentials (IAM roles) instead of access keys, and disable any AWS account root user access keys.