Your company is subject to strict data protection laws and requires a solution to encrypt data across AWS account boundaries. Describe the process you would follow to set up cross-account encryption using AWS KMS, including key policy configurations and IAM role permissions.
