AWSTemplateFormatVersion: 2010-09-09
Description: "Create a basic Amazon MQ for testing plaintext passwords, etc."
Resources:
  myKey:
    Type: 'AWS::KMS::Key'
    Properties:
      Description: An example symmetric encryption KMS key
      EnableKeyRotation: true
      PendingWindowInDays: 20
      KeyPolicy:
        Version: 2012-10-17
        Id: key-default-1
        Statement:
          - Sid: Enable IAM User Permissions
            Effect: Allow
            Principal: 
              AWS: "*"
            Resource: '*'
          - Sid: Allow administration of the key
            Effect: Allow
            Principal:
              AWS: 'arn:aws:iam::111122223333:user/Bob2'
            Resource: '*'
          - Sid: Allow use of the key
            Effect: Allow
            Principal:
              AWS: '*'
            Resource: '*'