This PR is to fix an issue when accessing cross-account KMS keys via their full ARN.
shush attempts to add alias/ when provided with a full ARN, for example:
arn:aws:kms:ap-southeast-2:<account 1>:alias/arn:aws:kms:ap-southeast-2:<account 2>:key/<key id>
With <account 1> being the originator of the requests and <account 2> being the source of the KMS key.
I do not know why this behaviour has become apparent now (old versions of shush floating around?) however there is this issue that should be addressed by this PR.
This PR is to fix an issue when accessing cross-account KMS keys via their full ARN.
shush
attempts to addalias/
when provided with a full ARN, for example:arn:aws:kms:ap-southeast-2:<account 1>:alias/arn:aws:kms:ap-southeast-2:<account 2>:key/<key id>
With
<account 1>
being the originator of the requests and<account 2>
being the source of the KMS key.I do not know why this behaviour has become apparent now (old versions of
shush
floating around?) however there is this issue that should be addressed by this PR.