S3 Cross Region Replication Failure

Most likely the s3:GetObjectVersionForReplication permission may be missing for the source bucket. You can refer the document for more detail. https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-failure-codes.html

SrcGetObjectNotPermitted simply means that the IAM role was not allowed to perform a successful GET on the source object. Sometimes, it might be KMS encryption related. You can also check CloudTrail for KMS errors at the time of the replication failure. Decrypt, Encrypt or GenerateDataKey errors might give you some clues into what KMS permissions are required for a successful replication https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-config-for-kms-objects.html#replication-kms-permissions