cloudsploit
936: Allow Multi-Valued Conditions in IAM Policies
The code here assumed that any condition value must be a string, but
condition values may also be arrays. The regex tests succeed in many
cases because the array stringifies to a comma-delimited list of its
elements, but this also means that only the first element is
checked, effectively. When the array-of-arrays is passed back to, say,
sqsCrossAccount, the includes test works, but not in the way
which the author intended. This causes false negatives.
Resolves: #936
Viewing this diff while ignoring whitespace differences will better illustrate how small this change truly is.
Looks as though this was fixed for SQS in #991. I don't know if there's any interest in what I think is a more complete solution. If not, please do feel free to close this.
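The false negative described in the pull request above, reproduced as an added example (not CloudSploit's code and not this PR's patch). The policy statement, account IDs, regex and function names are all constructed for illustration.

```javascript
// Added example; every name below is hypothetical, not a CloudSploit helper.
const OWN_ACCOUNT = '111122223333'; // constructed sample account ID

// Constructed sample statement: the aws:SourceArn condition is multi-valued.
const statement = {
    Effect: 'Allow',
    Principal: '*',
    Action: 'sqs:SendMessage',
    Condition: {
        ArnEquals: {
            'aws:SourceArn': [
                'arn:aws:sns:us-east-1:111122223333:internal-topic',
                'arn:aws:sns:us-east-1:999988887777:external-topic'
            ]
        }
    }
};

// Assumed pattern for pulling the account ID out of an ARN.
const ARN_ACCOUNT = /^arn:aws:[^:]*:[^:]*:([0-9]{12}):/;

// Treats the value as a string. RegExp.exec() coerces an array with
// toString(), so the anchored pattern only ever sees the first element.
function accountsNaive(value) {
    const m = ARN_ACCOUNT.exec(value);
    return m ? [m[1]] : [];
}

// Normalises string-or-array to an array and tests every element.
function accountsNormalized(value) {
    const values = Array.isArray(value) ? value : [value];
    return values
        .map(v => ARN_ACCOUNT.exec(String(v)))
        .filter(Boolean)
        .map(m => m[1]);
}

// Collects account IDs from all condition values, minus the owning account.
function externalAccounts(stmt, extract) {
    const found = [];
    for (const operator of Object.values(stmt.Condition || {})) {
        for (const value of Object.values(operator)) found.push(...extract(value));
    }
    return found.filter(acct => acct !== OWN_ACCOUNT);
}

console.log(externalAccounts(statement, accountsNaive));      // external ARN missed
console.log(externalAccounts(statement, accountsNormalized)); // external ARN reported
```

A scanner built on the string-only version reports this statement as same-account only, which is the false negative the description refers to.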