Solution (unvalidated)

Set Principal to a wildcard (e.g., {"AWS":"*"}) and keep the Condition restricting aws:PrincipalArn to the desired role ARN pattern (e.g., arn:aws:iam::<acct-id>:role/my_role_*).
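The policy shape described above, as an added example that is not part of the original solution: it builds the statement and checks locally that the wildcard Principal is still narrowed by aws:PrincipalArn. The account id, the S3 action and bucket, and the helper names are constructed assumptions, and the matcher only approximates IAM's StringLike wildcard handling.

```python
import fnmatch
import json

ACCOUNT_ID = "111122223333"  # constructed placeholder account id
ROLE_PATTERN = f"arn:aws:iam::{ACCOUNT_ID}:role/my_role_*"
MATCH_OPS = ("StringLike", "ArnLike", "StringEquals", "ArnEquals")

def build_statement(action, resource, arn_pattern=ROLE_PATTERN):
    """Statement with a wildcard Principal narrowed by aws:PrincipalArn."""
    return {
        "Effect": "Allow",
        "Principal": {"AWS": "*"},
        "Action": action,
        "Resource": resource,
        "Condition": {"StringLike": {"aws:PrincipalArn": arn_pattern}},
    }

def principal_arn_patterns(stmt):
    """Collect aws:PrincipalArn patterns; a bare '*' restricts nothing and is dropped."""
    patterns = []
    for op, keys in stmt.get("Condition", {}).items():
        if op not in MATCH_OPS:
            continue
        for key, value in keys.items():
            if key.lower() == "aws:principalarn":  # condition keys are case-insensitive
                patterns += value if isinstance(value, list) else [value]
    return [p for p in patterns if p != "*"]

def is_open_wildcard(stmt):
    """True when an Allow uses Principal * with no aws:PrincipalArn restriction."""
    principal = stmt.get("Principal")
    wildcard = principal == "*" or (
        isinstance(principal, dict) and principal.get("AWS") == "*"
    )
    return stmt.get("Effect") == "Allow" and wildcard and not principal_arn_patterns(stmt)

def would_match(stmt, caller_arn):
    """Local approximation of the condition: '*' and '?' wildcards, case-sensitive."""
    return any(fnmatch.fnmatchcase(caller_arn, p) for p in principal_arn_patterns(stmt))

if __name__ == "__main__":
    # Hypothetical resource policy statement for a constructed bucket name.
    stmt = build_statement("s3:GetObject", "arn:aws:s3:::example-bucket/*")
    print(json.dumps(stmt, indent=2))
    for arn in (f"arn:aws:iam::{ACCOUNT_ID}:role/my_role_reader",
                f"arn:aws:iam::{ACCOUNT_ID}:role/other_role"):
        print(arn, "->", would_match(stmt, arn))
```

Because the Principal is a wildcard, the Condition is the only thing limiting who is allowed; `is_open_wildcard` flags any statement where it has been dropped.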
