IAM: `addCondition` overwrites previous conditions

[llgerard]

Describe the bug

Looking at #19114 the code will The following code will forget conditions when the only difference is in the value tested, example:

const p = new PolicyStatement;
p.addCondition("StringEquals", {'sts:ExternalId': '12345678901'});
p.addCondition("StringEquals", {'sts:ExternalId': '01234567890'});
console.log(p.toStatementJson());

will forget the first condition, generating:

Condition: { StringEquals: { 'sts:ExternalId': '01234567890' } },
Effect: 'Allow'

instead of

Condition: { StringEquals: { 'sts:ExternalId': ['12345678901', '01234567890'] } },
Effect: 'Allow'

Expected Behavior

Not forget conditions

Current Behavior

Forget conditions

Reproduction Steps

import {
    PolicyStatement,
} from "monocdk/aws-iam";
const p = new PolicyStatement;
p.addCondition("StringEquals", {'sts:ExternalId': '12345678901'});
p.addCondition("StringEquals", {'sts:ExternalId': '01234567890'});
console.log(p.toStatementJson());

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

1.124

Framework Version

No response

Node.js Version

17.4

OS

macos

Language

Typescript

Language Version

No response

Other information

No response

[rix0rrr]

Phew, this headline stressed me out when I saw it, but I'm glad it has nothing to do with merging.

addCondition doesn't do what you think it does:

• it doesn't go: "oh well StringEquals/sts:ExternalId already exists so I guess I'd better turn that into a list and append this new value."
• instead, it goes: "set value in dict, done"

We don't recommend using the addXyz function anymore, really. You should try to create the Statement fully-formed

[llgerard]

Is it intended? Because the semantics is a disjunction instead of "adding" (conjunction) a condition?