From e586995bbc3d92e630f9735168f6f13c0b9aee3c Mon Sep 17 00:00:00 2001 From: Thanos Baskous Date: Sat, 24 Jun 2017 13:00:36 -0700 Subject: [PATCH] Cleanup and copy-editing for #458 (KMS IAM Gotcha) (#459) * Cleanup and copy-editing for #458 (KMS IAM Gotcha) * Fix KMS IAM gotcha quotation characters --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c93c060..997fc86 100644 --- a/README.md +++ b/README.md @@ -1505,7 +1505,7 @@ KMS - 🔸The Encrypt API only works with < 4KB of data. Larger data requires generating and managing a [data key](http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys) in your application layer. - 🔸KMS audit events are not available in the [CloudTrail Lookup Events API](http://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_LookupEvents.html). You need to look find them in the raw .json.gz files that CloudTrail saves in S3. -- 🔸In order to Encrypt a multi-part upload to S3, the KMS Key Policy needs to allow "kms:Decrypt" and "kms:GenerateDataKey*" in addition to "kms:Encrypt". Otherwise the upload will fail with an AccessDenied error. +- 🔸In order to encrypt a multi-part upload to S3, the KMS Key Policy needs to allow “kms:Decrypt” and “kms:GenerateDataKey*” in addition to “kms:Encrypt”, otherwise the upload will fail with an “AccessDenied” error. CloudFront ----------
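Review bot: In the added README line, the IAM action names are now wrapped in typographic quotes (“kms:Decrypt”, “kms:GenerateDataKey*”, “kms:Encrypt”), so anyone who copies a name together with its quotes into a key policy document pastes characters that are not valid JSON string delimiters. Mark the names up as inline code instead (`kms:Decrypt`, `kms:GenerateDataKey*`, `kms:Encrypt`), which also keeps the trailing `*` from ever being read as Markdown emphasis. Two smaller copy-editing points: joining the two sentences with ", otherwise" creates a comma splice (keep the full stop or use a semicolon), and the unchanged context line just above still reads "You need to look find them", which this cleanup could fix in the same pass.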