ScheduleKeyDeletion - Key Management Service - Alibaba Cloud Documentation Center

During the scheduled period, the CMK is in the PendingDeletion state and cannot be used to encrypt data, decrypt data, or generate data keys.

After a CMK is deleted, it cannot be recovered. Data that is encrypted and data keys that are generated by using the CMK cannot be decrypted. To prevent accidental deletion of CMKs, Key Management Service (KMS) allows you to only schedule key deletion tasks. You cannot directly delete CMKs. If you want to delete a CMK, call the DisableKey operation to disable the CMK.

When you call this operation, you must specify a scheduled period between 7 days to 366 days. The scheduled period starts from the time when you submit the request. You can call the CancelKeyDeletion operation to cancel the key deletion task before the scheduled period ends.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	ScheduleKeyDeletion	The operation that you want to perform. Set the value to ScheduleKeyDeletion.
KeyId	String	Yes	7906979c-8e06-46a2-be2d-68e3ccbc****	The ID of the customer master key (CMK). The ID must be globally unique.
PendingWindowInDays	Integer	Yes	7	The scheduled period after which the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the key deletion task. Valid values: 7 to 366. Unit: days.

Response parameters


Parameter	Type	Example	Description
RequestId	String	3da5b8cc-8107-40ac-a170-793cd181d7b7	The ID of the request, which is used to locate and troubleshoot issues.

Examples

Sample requests

http(s)://[Endpoint]/?Action=ScheduleKeyDeletion
&KeyId=7906979c-8e06-46a2-be2d-68e3ccbc****
&PendingWindowInDays=7
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ScheduleKeyDeletionResponse>
    <RequestId>3da5b8cc-8107-40ac-a170-793cd181d7b7</RequestId>
</ScheduleKeyDeletionResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "3da5b8cc-8107-40ac-a170-793cd181d7b7"
}

Error codes


HTTP status code	Error code	Error message	Description
400	InvalidParameter	The specified parameter is not valid.	The error message returned because an invalid value is specified for the parameter.
404	InvalidAccessKeyId.NotFound	The Access Key ID provided does not exist in our records.	The error message returned because the specified AccessKey ID does not exist.

For a list of error codes, visit the API Error Center.