CompositePrincipal does not support conditions

[patrickdomnick]

I am trying to reproduces the following Cloudformation Template with CDK:

"AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Action": [
                "sts:AssumeRole"
              ],
              "Principal": {
                "AWS": [
                  "arn:aws:iam::<account>:role/MasterRole",
                  "arn:aws:iam::<account>:role/AccountOwner"
                ]
              }
            },
            {
              "Effect": "Allow",
              "Action": [
                "sts:AssumeRoleWithSAML"
              ],
              "Principal": {
                "Federated": "arn:aws:iam::<account>:saml-provider/SAMLIDP"
              },
              "Condition": {
                "StringEquals": {
                  "SAML:aud": "https://signin.aws.amazon.com/saml"
                }
              }
            }
          ]
        },

Either of those (Federated or Arn) work just fine but I am unable to combine them with CompositePrincipal because there is no support for Conditions: feat(iam): CompositePrincipal and allow multiple principal types #1377
The Condition is in a different scope so I don't understand why this would be not possible.

new iam.CompositePrincipal(new iam.FederatedPrincipal(
        `arn:aws:iam::${props.account.account}:saml-provider/SAMLIDP`, {
          "StringEquals": [{"SAML:aud": "https://signin.aws.amazon.com/saml"}],
        }, "sts:AssumeRoleWithSAML"
      ),
      new iam.ArnPrincipal(`arn:aws:iam::${props.default.rootAccount}:saml-provider/MasterRole`),
      new iam.ArnPrincipal(`arn:aws:iam::${props.default.rootAccount}:saml-provider/AccountOwner`)
)

[rix0rrr]

We need to change CompositePrincipal to emit multiple statements.

[reillykw]

I'm also experiencing this issue. What I need to be able to do is attach multiple actions to a federated policy document, I was hoping composite would help but it would throw an error with conditions. Also would need to see support for multiple federated ARNs, if that is possible. I don't know if a Composite would achieve that end or not.

[Cushdrive]

I have the same use case, and I'm also blocked from fully leveraging the CDK because it can't be used in the same way as the CloudFormation templates I'm trying to replace.