IAM Trust Policies define which entities (users, roles, AWS services) are allowed to assume a role. This is typically used for roles that need to be assumed by other AWS accounts or services.
Example Trust Policy JSON:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}