AWS STS now supports validation of select identity provider specific claims from Google, GitHub, CircleCI and OCI
AWS Security Token Service (STS) now supports validation of select identity provider specific claims from Google, GitHub, CircleCI and Oracle Cloud Infrastructure in IAM role trust policies and resource control policies for OpenID Connect (OIDC) federation into AWS via the AssumeRoleWithWebIdentity API.
With this new capability, you can reference these provider-specific claims as condition keys in IAM role trust policies and resource control policies, expanding your ability to implement fine-grained access control for federated identities and helping you establish your data perimeters. This enhancement builds upon IAM's existing OIDC federation capabilities, which allow you to grant temporary AWS credentials to users authenticated through external OIDC-compatible identity providers.
This feature is available in all [AWS Commercial Regions](https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/). See [Available Keys for OIDC federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference%5Fpolicies%5Fiam-condition-keys.html#condition-keys-wif) in the IAM User Guide for a full list of supported claims and to learn more about using these claims in IAM role trust policies and resource control policies.
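As an added illustration (not part of the announcement), here is a GitHub Actions role trust policy that keeps the existing `sub` and `aud` checks and adds two provider-specific claims as condition keys. The account ID, organization, repository and environment values are placeholders, and the `repository_owner` and `environment` key names are assumed to mirror the GitHub token claims of the same name; confirm the exact key names on the Available Keys page linked above.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Federated": "arn:aws:iam::111122223333:oidc-provider/token.actions.githubusercontent.com"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "StringEquals": {
          "token.actions.githubusercontent.com:aud": "sts.amazonaws.com",
          "token.actions.githubusercontent.com:repository_owner": "example-org",
          "token.actions.githubusercontent.com:environment": "production"
        },
        "StringLike": {
          "token.actions.githubusercontent.com:sub": "repo:example-org/example-app:*"
        }
      }
    }
  ]
}
```

The `sub` pattern alone only constrains the repository; the added claim conditions additionally require that the token was minted for a workflow owned by `example-org` and targeting the `production` environment, so a workflow in any other environment of the same repository is refused by STS.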