Schedules the deletion of a CMK.
- During waiting period, the key is in PendingDeletion state and cannot be used for encryption, decryption, or data key generation.
- This operation may cause serious consequences. We recommend that you use DisableKey instead if possible.
- A deleted CMK cannot be recovered. The data it encrypted, and the DataKey it generated cannot be decrypted again. Therefore, you must make a request to KMS for deleting a CMK.
- You must specify a waiting period when you make the request. The period must be between 7 and 30 days. You can use CacnelKeyDeletion to cancel the request after submission but before the waiting period ends.
- The CMK is deleted within 24 hours after the waiting period ends.
For example, a user makes a request at 14:00, Sep 10, 2016. The waiting period is 7 days. KMS deletes the CMK within 24 hours after 14:00, Sep 17.
|KeyId||string||Yes||Globally unique identifier of the CMK.|
|PendingWindowInDays||string||Yes||The waiting period, specified in number of days. The value must be between 7 and 30. After the waiting period ends, KMS deletes the CMK.|
|RequestId||String||The ID of this request.|
&<Common Request Parameters>