Not authorized to perform: kms:Encrypt

I had a working serverless.yml
And i wanted it to be deploy-able on 3 environments
SO i used a hack i found in one of this nice forum:

Stage: {opt:stage} profile: {self:custom.myProfile.{self:custom.myStage}} region: {self:custom.myRegion.${self:custom.myStage}}

myStage: ${opt:stage, self:provider.stage}
dev: devAccount
test: testAccount
prod: prodAccount
dev: us-east-2 # Ohio
test: eu-central-1 # Frankfurt
prod: eu-west-1 # Irland

But now for some reason , sls deploy --stage dev fails
An error occurred: RobotProgressDashPlatformEventLambdaFunction - Lambda was unable to encrypt your environment variables because the KMS access was denied. Please check your KMS permissions. KMS Exception: AccessDeniedException KMS Message: User: arn:<my_user> is not authorized to perform: kms:Encrypt on resource: arn:aws:kms:us-east-2: (Service: AWSLambda; Status Code: 403; Error Code: AccessDeniedException; Request ID: b31a61f8-da8b-11e8-98e6-ddf1f9f5bfbc).

1 - My user have full permission on all KSM object:
“Effect”: “Allow”,
“Action”: “kms:",
“Resource”: "

2 - there is no asking to encrypt the env in my settings
3 - this wasn’t an issue before in previous scenario where i did had an encrypted env var

What am i missing?
Any help will be appropriate


Figured it out
It was an old Role from an old stack
After deleting everything related m deploy worked on all envs