diff --git a/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md b/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md
index df5746478c..6f991207a3 100644
--- a/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md
+++ b/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md
@@ -42,8 +42,7 @@ By default, the validation only includes the audience (`aud`) condition, so you
 
 ```json{:copy}
 "Condition": {
-  "ForAllValues:StringEquals": {
-    "token.actions.githubusercontent.com:aud": "https://github.com/octo-org",
+  "StringEquals": {
     "token.actions.githubusercontent.com:sub": "repo:octo-org/octo-repo:ref:refs/heads/octo-branch"
   }
 }