diff --git a/pkg/resource/validations/kms_arn_regex_validation.go b/pkg/resource/validations/kms_arn_regex_validation.go
index 0670e25..8830dda 100644
--- a/pkg/resource/validations/kms_arn_regex_validation.go
+++ b/pkg/resource/validations/kms_arn_regex_validation.go
@@ -6,7 +6,7 @@ import (
 )
 
 var KmsArnRE = regexp.MustCompile(
-	`^arn:aws[\w-]*:kms:[\w-]+:\d{12}:key\/mrk-[0-9a-f]{32}$|[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$`,
+	`^arn:aws[\w-]*:kms:[\w-]+:\d{12}:key\/(mrk-[0-9a-f]{32}$|[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$)`,
 )
 
 func ValidateKMSKeyARN(kmsKeyARN *string) error {
diff --git a/pkg/resource/validations/kms_arn_regex_validation_test.go b/pkg/resource/validations/kms_arn_regex_validation_test.go
index 5115e38..ee751fc 100644
--- a/pkg/resource/validations/kms_arn_regex_validation_test.go
+++ b/pkg/resource/validations/kms_arn_regex_validation_test.go
@@ -41,6 +41,17 @@ var _ = Describe("Validations", func() {
 			})
 		})
 
+		Context("when kmsKeyARN is not empty but is not prefixed with 'mrk'", func() {
+			BeforeEach(func() {
+				kmsKeyARN = "arn:aws:notkms:us-west-2:301721915996:key/9fdfaf2f-efb7-4db7-a5c3-0d047c52f094"
+			})
+
+			It("should return an error", func() {
+				err := ValidateKMSKeyARN(&kmsKeyARN)
+				Expect(err).To(HaveOccurred())
+			})
+		})
+
 		Context("when kmsKeyARN is not empty and does not match the regex", func() {
 			BeforeEach(func() {
 				kmsKeyARN = "invalid-kms-key-arn"