{"id":"iam-oidc-federated-principals-trust-policies-only","text":"OIDC federated principals (e.g., GitHub Actions, Cognito) can only be specified in IAM role trust policies, not in other resource-based policy types.","truth_value":"IN","source":"entries/2026/03/11/IAM-latest-UserGuide-reference_policies_elements_principalhtml.md","source_url":"","source_hash":"6b474327217a2bc0","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"iam-oidc-federated-principals-trust-policies-only","truth_value":"IN","reason":"premise"}]}}