Aws_sqs_queue_policy - error reported after TF apply

I am getting below error upon TF APPLY

**Error:** **setting SQS Queue (https://sqs.eu-central-1.amazonaws.com/xxxxxx/my_test_eu-central-1_sqsqueue) attribute (Policy): InvalidParameterValue: Value sqs:DeleteMessageBatch for parameter ActionName is invalid. Reason: Please refer to the appropriate WSDL for a list of valid actions.**

**Error:** **setting SQS Queue (https://sqs.eu-central-1.amazonaws.com/xxxxxx/my_test_eu-central-1_sqsqueue) attribute (Policy): InvalidParameterValue: Value kms:Decrypt for parameter ActionName is invalid. Reason: Please refer to the appropriate WSDL for a list of valid actions.**

My SQS policy:

> resource "aws_sqs_queue_policy" "sqspolicy" {
>   count     = "${var.is_enabled ? 1 : 0}"
>   queue_url = aws_sqs_queue.sqs_queue.*.id[count.index]
>   policy = <<POLICY
> {
>   "Version": "2012-10-17",
>   "Id": "sqs_policy",
>   "Statement": [
> 		{
> 			"Sid": "Allow S3 bucket to write to queue",
> 			"Effect": "Allow",
> 			"Principal": {
> 				"Service": "s3.amazonaws.com"
> 			},
> 			"Action": "SQS:SendMessage",
> 			"Resource": "${aws_sqs_queue.sqs_queue.*.arn[count.index]}",
> 			"Condition": {
> 				"ArnEquals": {
> 					"aws:SourceArn": "${module.s3.s3bucket_arn}/*"
> 				}
> 			}
> 		},
> 		{
> 			"Sid": "Allow account running HostedFTP software to read from queue",
> 			"Effect": "Allow",
> 			"Principal": {
> 				"AWS": "arn:aws:iam::xxxxxxxxx:root"
> 			},
> 			"Action": [
> 				"SQS:DeleteMessage",
> 				"sqs:DeleteMessageBatch",
> 				"SQS:GetQueueAttributes",
> 				"SQS:ReceiveMessage"
> 			],
> 			"Resource": "${aws_sqs_queue.sqs_queue.*.arn[count.index]}"
> 		},
> 		{
> 		"Sid": "Enable S3 to encrypt messages added to queue",
> 		"Effect": "Allow",
> 		"Principal": {
> 			"Service": "s3.amazonaws.com"
> 		},
> 		"Action": [
> 			"kms:GenerateDataKey",
> 			"kms:Decrypt"
> 		],
> 		"Resource": "*"
> 	},
> 	{
> 		"Sid": "Enable cross-account access to HostedFTP software",
> 		"Effect": "Allow",
> 		"Principal": {
> 			"AWS": "arn:aws:iam::xxxxxxxxxxxx:root"
> 		},
> 		"Action": "kms:Decrypt",
> 		"Resource": "*"
> 	}
>   ]
> }
> POLICY
> }

Am I missing something? Would this be caused by a TF Provider issue?