fix(s3-notifications): notifications allowed with imported kms keys

[markussiebert]

---

fixes: #18988

If you add an sqs queue as notification target to an s3 bucket, and this sqs queue is encrypted with an imported kms IKey, the stack won't synthesize. Instead of failing, it should warn the user, that it can not ensure the correct kms key policy permissions.

This fix will solve this.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[gitpod-io]

[peterwoodworth]

Looks great to me @markussiebert, just a small typo!

Pull request has been modified.

[peterwoodworth]

Hey @markussiebert, you don't have to worry about merging master in. That will happen automatically once we approve it 😄

[peterwoodworth]

Looks good to me! @otaviomacedo is the owner here so I'll let him take a final look before merging 🙂

Pull request has been modified.

[peterwoodworth]

Love the optimization you've made here. Clever! Still looks great to me

Pull request has been modified.

Pull request has been modified.

[mergify]

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
• Commit ID: 3d2adfb
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).