1 Answer
- Newest
- Most votes
- Most comments
0
Ok, I think I understand now how the first part is working. It appears that the key sts:SourceIdentity has a single value. When you use StringLike/StringEquals on a single value key and provide an array of matches, it passes if any of those items in the array are true. That is shown in an example on this page. Is it possible to explicitly document the behavior here when you use an array vs a string as a key value or point me to where that behavior is defined?.
For example:
If the key value is a string and you use StringEquals, it passes only if it matches:
"Condition": {
"StringEquals": {
"sts:SourceIdentity": "Saanvi"
}
}
If the key value is an array of strings, any one of them matching makes it pass.
"Condition": {
StringEquals": {
"sts:SourceIdentity": [
"Saanvi",
"Diego"
]
}
}
answered 2 years ago
Relevant content
- asked 2 months ago
- Accepted Answerasked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago