From c975efda5686fd7c9fb98518332617e4876e5317 Mon Sep 17 00:00:00 2001
From: Melissa Greenbaum <69476188+magreenbaum@users.noreply.github.com>
Date: Mon, 18 Sep 2023 18:39:07 -0400
Subject: [PATCH] fix: Default admin permissions for special keys (#24)

Co-authored-by: magreenbaum <magreenbaum>
---
 main.tf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/main.tf b/main.tf
index 2b3ac10..261e5a2 100644
--- a/main.tf
+++ b/main.tf
@@ -140,6 +140,8 @@ data "aws_iam_policy_document" "this" {
         "kms:UntagResource",
         "kms:ScheduleKeyDeletion",
         "kms:CancelKeyDeletion",
+        "kms:ReplicateKey",
+        "kms:ImportKeyMaterial"
       ]
       resources = ["*"]