AWS Multivalued Context Keys ForAllValues


I've been looking at "Multivalued context keys".

ForAllValues – This qualifier tests whether the value of every member of the request set is a subset of the condition context key set. The condition returns true if every context key value in the request matches at least one context key value in the policy. It also returns true if there are no context keys in the request, or if the context key value resolves to a null dataset, such as an empty string. To prevent missing context keys or context keys with empty values from evaluating to true, you can include the Null condition operator in your policy with a false value to check if the context key exists and its value is not null.

What isn't clear is whether the policy evaluates the array with OR or AND. Would it expect the context key to match one or all of the values supplied in the array?

I suspect it's OR, because if it were AND it would defeat the purpose, since you could achieve that with one value like "abc*xyz".

"Condition" : {
  "ForAllValues:StringLike" : {
    "key" : [ // OR vs AND
      "abc",
      "xyz"
    ]
  }
}
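The quoted ForAllValues rule modeled as a small evaluator, as an added example that is not part of the original question and is not AWS code. The function names and the request values are constructed for illustration, and an empty string is treated as a null value, as the quoted text describes.

```python
import re

def string_like(value, pattern):
    """Model of StringLike: case-sensitive, '*' = any run of chars, '?' = one char."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, value, re.DOTALL) is not None

def for_all_values_string_like(request_values, policy_values):
    """True when every request value matches at least one policy value.
    A missing key (None) or an empty/null set is vacuously true."""
    values = [v for v in (request_values or []) if v != ""]
    return all(any(string_like(v, p) for p in policy_values) for v in values)

def null_is_false(request_values):
    """Model of {"Null": {"key": "false"}}: key must exist and be non-null."""
    return bool(request_values) and any(v != "" for v in request_values)

def condition(request_values, policy_values, require_key=False):
    """Condition block from the question, optionally paired with the Null check."""
    ok = for_all_values_string_like(request_values, policy_values)
    if require_key:
        ok = ok and null_is_false(request_values)
    return ok

POLICY = ["abc", "xyz"]  # the array from the question

# Constructed request contexts: label -> values of the multivalued key
CASES = {
    "one listed value": ["abc"],
    "both listed values": ["abc", "xyz"],
    "one value not listed": ["abc", "other"],
    "key missing from request": None,
    "key present but empty": [""],
}

if __name__ == "__main__":
    for label, values in CASES.items():
        print(f"{label:26} ForAllValues={condition(values, POLICY)!s:5} "
              f"with Null=false: {condition(values, POLICY, require_key=True)}")
```

Within the policy array a request value only needs to match one entry, while every value in the request must find such a match; the missing-key rows show why the quoted text recommends adding the Null check.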