Hacker News
by kevinStorj 2374 days ago
The Privilege Escalation attack vector can be avoided by using a capability-based security model, à la: https://storj.io/blog/2019/12/secure-access-control-in-the-d...
1 comment

How is this relevant? AFAICT, AWS Policy statements are capabilities. Each policy statement denotes both actions and resources, and that policy is then granted to another identity/resource.

As noted by other comments, the parent article focuses on capabilities that grant definition of capabilities. It shouldn't be surprising that principals can use that to establish further capabilities in the absence of other restrictions.