1 Answer
- Newest
- Most votes
- Most comments
0
Both of them are correct. As you can see below(I just enter the example condition into policy grammar), the example policy is following the policy grammar.
<condition_block> = "Condition" : { <condition_map> }
<condition_map> = {
<StringEqualsIgnoreCase> : { <aws:PrincipalTag/department> : <[ "finance", "hr", "legal" ]>,
<aws:PrincipalTag/role> : <[ "audit", "security" ]>,
...
},
<StringEquals> : { <aws:PrincipalAccount> : < 123456789012 >
...
},
...
answered 2 years ago
Relevant content
- asked 6 years ago
- asked 5 years ago
- asked 7 months ago
- asked 6 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago