Now, let's try using the key as a user with the administrator permission from account 2. Follow these steps:
- Encrypt the data with the profile of an administrator user from account 2 from the CLI:
aws kms encrypt
--plaintext "hello 4"
--key-id arn:aws:kms:us-east-1:135301570106:key/d791248f-c742-4ed9-a081-cfa314dd6903
--profile awschild1admin
We should see the following response:
In the next section, we will use the key as a non-admin user from account 2.