From dc812d99904d8e3f9ade7aaf573e3124e65f0d32 Mon Sep 17 00:00:00 2001
From: Bert Blommers
Date: Sat, 10 Dec 2022 19:23:34 -0100
Subject: [PATCH] IAM - Add all valid TrustPolicy actions (#5751)
---
 moto/iam/policy_validation.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/moto/iam/policy_validation.py b/moto/iam/policy_validation.py
index 316ef9ee5..0b51c1011 100644
--- a/moto/iam/policy_validation.py
+++ b/moto/iam/policy_validation.py
@@ -557,9 +557,17 @@ class IAMTrustPolicyDocumentValidator(BaseIAMPolicyValidator):
 @staticmethod
 def _validate_trust_policy_action(action):
+ # https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html
 assert action in (
 "sts:AssumeRole",
 "sts:AssumeRoleWithSAML",
 "sts:AssumeRoleWithWebIdentity",
+ "sts:DecodeAuthorizationMessage",
+ "sts:GetAccessKeyInfo",
+ "sts:GetCallerIdentity",
+ "sts:GetFederationToken",
+ "sts:GetServiceBearerToken",
+ "sts:GetSessionToken",
+ "sts:SetSourceIdentity",
 "sts:TagSession",
 )
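Review bot: The tuple in `_validate_trust_policy_action` now admits every action on the linked STS reference page, but that page lists the whole service rather than the subset that makes sense in a role trust policy. Whether real IAM accepts, say, `sts:GetCallerIdentity` or `sts:DecodeAuthorizationMessage` in an assume-role policy document is not established by anything in this hunk; if it does not, the mock is more permissive than AWS and a malformed trust policy will pass tests, so the added comment should say how the list was verified, e.g. `# Actions IAM accepts in a trust policy (checked against CreateRole), names from: <url>`. The check is also still an `assert`, which Python strips under `-O`, so this validation disappears in optimized runs unless a caller outside the hunk depends on catching `AssertionError`. The comparison is an exact, case-sensitive string match, which presumably rejects differently-cased or wildcard actions; a one-line comment stating whether that is intended would help.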