add temp KMS key to id_sync SQS queue

Author: JamesW1-NHS

terraform/sqs_id_sync.tf

@@ -2,6 +2,7 @@
 
 resource "aws_sqs_queue" "id_sync_queue" {
   name                        = "${local.short_prefix}-id-sync-queue"
+  kms_master_key_id           = aws_kms_alias.id_sync_sqs_encryption.name
   visibility_timeout_seconds  = 60
   redrive_policy = jsonencode({
     deadLetterTargetArn = aws_sqs_queue.id_sync_dlq.arn

terraform/temp_id_sync_sqs_kms.tf

@@ -70,13 +70,13 @@ locals {
   # MNS id/role: ultimately these should go in infra/environments/<env>/variables.tfvars
 
   mns_account_id    = "631615744739"
-  mns_admin_role    = "role"
+  mns_admin_role    = "role/nhs-mns-events-lambda-delivery"
 
   policy_statement_allow_mns = {
     Sid    = "AllowMNSLambdaDelivery",
     Effect = "Allow",
     Principal = {
-      AWS = "arn:aws:iam::${local.mns_account_id}:${local.mns_admin_role}/nhs-mns-events-lambda-delivery"
+      AWS = "arn:aws:iam::${local.mns_account_id}:${local.mns_admin_role}"
     },
     Action = "kms:GenerateDataKey",
     Resource = "*"