From e84bf15648296d95a7ef0f6fbf1ec562190781dc Mon Sep 17 00:00:00 2001
From: schoemme <schoemme@amazon.com>
Date: Thu, 29 Aug 2024 10:18:48 -0500
Subject: [PATCH] Update regional.yml

Add kms:Encrypt, kms:GenerateDataKey*, and kms:ReEncrypt* actions to allow use of key
---
 .../bootstrap_repository/adf-bootstrap/deployment/regional.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/regional.yml b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/regional.yml
index f7d8eaf13..1208a0788 100644
--- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/regional.yml
+++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/regional.yml
@@ -153,6 +153,9 @@ Resources:
             Action:
               - kms:Decrypt
               - kms:DescribeKey
+              - kms:Encrypt
+              - kms:GenerateDataKey*
+              - kms:ReEncrypt*
             Resource: "*"
             Condition:
               StringEquals: