Hi AWS, what are trusted service roles which are used when the delegated service role can't delegate the developer's requirements and why they are considered as the alternative to Service Control Policy (SCP). Also I have seen, the Path section have /trusted/, what is that? Is there any blog post link or any reInvent video where this concept has been explained?