'Wildcard is not working in condition for principal in AWS IAM Trust Policy

I have a trust policy:

{
  "Effect": "Allow",
  "Principal": {
    "AWS": "*"
  },
  "Action": [
    "sts:AssumeRole",
    "sts:TagSession"
  ],
  "Condition": {
    "ForAnyValue:StringLike": {
      "aws:PrincipalArn": [
        "arn:aws:sts::AccountId:assumed-role/..",
        "arn:aws:sts::AccountId:assumed-role/..another_one_*"
      ]
    }
  }
}

But with this condition, it says that "arn:aws:sts::AccountId:assumed-role/..another_one_*" is not authorized to use sts:TagSession. When I remove the condition it works correctly, so don't understand if my condition is not correct?

pythonamazon-iampolicy


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

pip issue installing almost any library

pip issue installing almost any library

pip issue installing almost any library

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

A simple SMTP server (in Python)

How to specify which pytorch to import, if I have two different versions installed?

How to specify which pytorch to import, if I have two different versions installed?

A simple SMTP server (in Python)

Python: get all months in range?

Python: get all months in range?

Python: get all months in range?

How to specify which pytorch to import, if I have two different versions installed?