diff --git a/src/models/s3BucketsValidationSchema.ts b/src/models/s3BucketsValidationSchema.ts
index 5cab72e..a1872bc 100644
--- a/src/models/s3BucketsValidationSchema.ts
+++ b/src/models/s3BucketsValidationSchema.ts
@@ -30,12 +30,15 @@ function isS3WildcardAction(action: string | string[]): boolean {
 function createContextError(context: any, message: string): boolean {
 return context.createError({ message });
 }
+function isPrincipalRestrictive(principal: any): boolean {
+ return principal === '*' || principal?.AWS === '*' || principal?.AWS?.includes('*');
+}
 function isStatementTooRestrictive(statements: any): boolean {
 return statements.some(
 (statement: any) =>
- statement.Principal === '*' && statement.Effect === 'Deny' &&
+ isPrincipalRestrictive(statement.Principal) &&
 isS3WildcardAction(statement.Action),
 );
 }
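Review bot: The replacement line in isStatementTooRestrictive drops the `statement.Effect === 'Deny'` test along with the old Principal check, so the predicate now also matches `Effect: 'Allow'` statements with a wildcard principal and a wildcard S3 action — a public-grant policy, which is the opposite of "too restrictive" and would surface a lock-out error for an over-permissive policy. If widening the principal match was the only intent, keep the effect guard: `isPrincipalRestrictive(statement.Principal) && statement.Effect === 'Deny' &&`; if flagging both was intended, the function name and the error message it feeds should say so. Separately, isPrincipalRestrictive is declared to return boolean but yields `undefined` for principals without an `AWS` key (e.g. a Service principal), since the last `?.includes('*')` short-circuits; `return Boolean(... || principal?.AWS?.includes('*'));` keeps the contract honest, and the `any` parameter is what hides this.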