Here think of IAM roles as capabilities, you give IAM user capabilities for creating lambda function, uploading to S3, and many more.
A role can be assigned to a user who signs in by providing an external identity instead of IAM. So a federated user is the same as an IAM user which you can attach IAM roles to. So when you log in to the AWS console, you are not using roles are your identity rather you are using a federated user account that has attached roles as your identity when you log in.
For more details, you can read here.
Want to learn more about AWS? Come & join: AWS Online training