Learn R
paws.security.identity (version 0.1.0)

kms_revoke_grant: Revokes the specified grant for the specified customer master key (CMK)

Description

Revokes the specified grant for the specified customer master key (CMK). You can revoke a grant to actively deny operations that depend on it.

Usage

kms_revoke_grant(KeyId, GrantId)

Arguments

KeyId

[required] A unique identifier for the customer master key associated with the grant.

Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.

GrantId

[required] Identifier of the grant to be revoked.

Request syntax

svc$revoke_grant(
  KeyId = "string",
  GrantId = "string"
)

Details

To perform this operation on a CMK in a different AWS account, specify the key ARN in the value of the KeyId parameter.

Examples

Run this code
# NOT RUN {
# The following example revokes a grant.
# }
# NOT RUN {
svc$revoke_grant(
  GrantId = "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
  KeyId = "1234abcd-12ab-34cd-56ef-1234567890ab"
)
# }
# NOT RUN {
# }

Run the code above in your browser using DataLab