AWS IAM documentation change
Summary
Changed 'federated users' to 'federated principals' in OIDC condition keys explanation
Security assessment
Terminology update to use 'principal' instead of 'user' in policy context. The security controls and guidance remain functionally identical, only language consistency is improved.
Diff
diff --git a/IAM/latest/UserGuide/reference_policies_iam-condition-keys.md b/IAM/latest/UserGuide/reference_policies_iam-condition-keys.md index 8e152142c..4d3c87114 100644 --- a//IAM/latest/UserGuide/reference_policies_iam-condition-keys.md +++ b//IAM/latest/UserGuide/reference_policies_iam-condition-keys.md @@ -340 +340 @@ You can use OIDC federation to give temporary security credentials to users who -You can use AWS OIDC condition context keys to write policies that limit the access of federated users to resources that are associated with a specific provider, app, or user. These keys are typically used in the trust policy for a role. Define condition keys using the name of the OIDC provider (`token.actions.githubusercontent.com`) followed by a claim (`:aud`): `**token.actions.githubusercontent.com:aud**`. +You can use AWS OIDC condition context keys to write policies that limit the access of federated principals to resources that are associated with a specific provider, app, or user. These keys are typically used in the trust policy for a role. Define condition keys using the name of the OIDC provider (`token.actions.githubusercontent.com`) followed by a claim (`:aud`): `**token.actions.githubusercontent.com:aud**`.