Summary

IAM is universal, it does not apply to regions at this time
The root account is simply the account created when first setup your AWS account. It has complete Admin access
New Users have No permissions when first created
New Users are assigned Access Key Id & Secret Access Keys when first created. Access key Id and secret are used for APIs and command line, CANNOT be used for login the console. Keys will only show once.
Always setup Multifactor Authentication on your root account.
You can create and customise your own password rotation policies

IAM