type(Required) The type of principal. For AWS accounts this is “AWS”. identifiers(Required) List of identifiers for principals. Whentypeis “AWS”, these are IAM user or role ARNs. Each policy statement may have zero or moreconditionblocks, which each accept the following arguments: ...
Action: the operation that thePrincipalis allowed to perform. TheActionvaries depending on the scenario and the type ofPrincipalassuming the role. It’s important to note that this trust policy differs from the IAM policies attached to a role. While the trust policy defines who can assume the ...