payment-cryptography:ReEncryptData is a Write access-level action in the payment-cryptography service. Grants permission to re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys
ARNs that payment-cryptography:ReEncryptData can be scoped to in an IAM policy.
Keys you can use in the Condition block of a policy that grants payment-cryptography:ReEncryptData.
Filters access by tags assigned to a key for the specified operation
Filters access by aliases associated with a key for the specified operation
A minimal policy that allows payment-cryptography:ReEncryptData. Replace "Resource": "*" with a specific ARN to follow least privilege.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowPaymentcryptographyReEncryptData",
"Effect": "Allow",
"Action": "payment-cryptography:ReEncryptData",
"Resource": "*"
}
]
}