AWS STS now supports validation of select identity provider specific claims from Google, GitHub, CircleCI and OCI
This article announces AWS STS support for validating identity provider-specific claims from Google, GitHub, CircleCI, and OCI in IAM role trust policies and resource control policies for OIDC federation.
- Validate custom claims from Google, GitHub, CircleCI, and OCI via the AssumeRoleWithWebIdentity API
- Reference custom claims as condition keys in IAM role trust policies and resource control policies
- Enable fine-grained access control for federated identities
- Help establish data perimeters for enhanced security
- Available in all AWS Commercial Regions
This enhancement expands OIDC federation capabilities, allowing more granular control over temporary AWS credentials for external identity provider users.