Permissions for AWS KMS–encrypted Amazon SNS topics
The Amazon SNS topic you specify might be encrypted by AWS Key Management Service. To allow DevOps Guru to work
with encrypted topics, you must first create a AWS KMS key and then add the following
statement to the policy of the KMS key. For more information, see Encrypting
messages published to Amazon SNS with AWS KMS
{ "Version": "2012-10-17", "Id": "your-kms-key-policy", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "
region-id
.devops-guru.amazonaws.com" }, "Action": [ "kms:GenerateDataKey*", "kms:Decrypt" ], "Resource": "*" } ] }