edit-icon download-icon


Last Updated: Apr 02, 2018


Schedules the deletion of a CMK.


  • During waiting period, the key is in PendingDeletion state and cannot be used for encryption, decryption, or data key generation.
  • This operation may cause serious consequences. We recommend that you use DisableKey instead if possible.
  • A deleted CMK cannot be recovered. The data it encrypted, and the DataKey it generated cannot be decrypted again. Therefore, you must make a request to KMS for deleting a CMK.
  • You must specify a waiting period when you make the request. The period must be between 7 and 30 days. You can use CacnelKeyDeletion to cancel the request after submission but before the waiting period ends.
  • The CMK is deleted within 24 hours after the waiting period ends.
    For example, a user makes a request at 14:00, Sep 10, 2016. The waiting period is 7 days. KMS deletes the CMK within 24 hours after 14:00, Sep 17.

Request parameter

Name Type Required Description
KeyId string Yes Globally unique identifier of the CMK.
PendingWindowInDays string Yes The waiting period, specified in number of days. The value must be between 7 and 30. After the waiting period ends, KMS deletes the CMK.

Response parameter

Name Type Description
RequestId String The ID of this request.


Request example

  1. https://kms.cn-hangzhou.aliyuncs.com/?Action=ScheduleKeyDeletion
  2. &KeyId=<your-key-id>
  3. &PendingWindowInDays=[7~30]
  4. &<Common Request Parameters>

Response example

JSON format

  1. //json response
  2. {
  3. "RequestId": "52ac67cb-3d3d-4ada-b4e2-7047660d3ce9"
  4. }

XML format

  1. //xml response
  2. <KMS>
  3. <RequestId>52ac67cb-3d3d-4ada-b4e2-7047660d3ce9</RequestId>
  4. </KMS>
Thank you! We've received your feedback.