From 1b6d91bdc681e17ce8d0cefc5463bc9df6d4e3bf Mon Sep 17 00:00:00 2001
From: riqardos <kastiak.richard@gmail.com>
Date: Mon, 6 Mar 2023 12:26:22 +0100
Subject: [PATCH] fix: add kms action

---
 kms.tf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/kms.tf b/kms.tf
index 1513187..dae37f1 100644
--- a/kms.tf
+++ b/kms.tf
@@ -66,7 +66,8 @@ data "aws_iam_policy_document" "kms_source_policy" {
       "kms:Decrypt",
       "kms:ReEncrypt*",
       "kms:GenerateDataKey*",
-      "kms:DescribeKey"
+      "kms:DescribeKey",
+      "kms:CreateGrant"
     ]
 
     #checkov:skip=CKV_AWS_109
@@ -109,7 +110,8 @@ data "aws_iam_policy_document" "kms_target_policy" {
       "kms:Decrypt",
       "kms:ReEncrypt*",
       "kms:GenerateDataKey*",
-      "kms:DescribeKey"
+      "kms:DescribeKey",
+      "kms:CreateGrant"
     ]
 
     #checkov:skip=CKV_AWS_109