Cloud Daddy Secure Backup (CDSB) supports cross-region disaster recovery of encrypted EBS volumes. CDSB will try to find a KMS key in the target region that has the same alias as in the source region. Therefore, you need to create a key with the same alias in the destination region of replication so that the replication process does not fail.
If you use a default master key to encrypt data, check if the default master key is also defined in the destination region. If you are using a user-defined master key, you must create a key with the same alias in the destination region. If you do not create a key with the same alias in the destination region, you will get an error like, “Alias alias/newTestKey in us-west-1 region not found”. Alternatively, if you do not add a CloudDaddyRole to the key users, it will not succeed and you will receive an error as well.
In order to use your KMS keys to decrypt data, you have to grant CDSB permissions to work with the keys: Please add “CloudDaddyRole” (CDSB instance role) permissions to use the keys and aliases.