Simulate policy API which helps us to check the effective permission for role is not working if the policy associated with role has regex like arn:aws::s3:* for resource or any such regex. It still gives that the permission is denied for actions which has resources associated with.

Problem in Python AWS SDK

API: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam/paginator/SimulatePrincipalPolicy.html

example::
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"iam:GetContextKeysForCustomPolicy",
"iam:GetContextKeysForPrincipalPolicy",
"iam:SimulateCustomPolicy",
"iam:SimulatePrincipalPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws::s3:*"
}
]
}

Hi @amitdwivedi-broadcom
I think you're issue is related to the AWS SDK for Python, and it should be reported in the https://github.com/boto/boto3 GitHub repo.
I will close this one here. Feel free to reopen if I'm wrong.