1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package kms 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/smithy-go/middleware" 10 smithyhttp "github.com/aws/smithy-go/transport/http" 11) 12 13// Retires a grant. To clean up, you can retire a grant when you're done using it. 14// You should revoke a grant when you intend to actively deny operations that 15// depend on it. The following are permitted to call this API: 16// 17// * The AWS account 18// (root user) under which the grant was created 19// 20// * The RetiringPrincipal, if 21// present in the grant 22// 23// * The GranteePrincipal, if RetireGrant is an operation 24// specified in the grant 25// 26// You must identify the grant to retire by its grant token 27// or by a combination of the grant ID and the Amazon Resource Name (ARN) of the 28// customer master key (CMK). A grant token is a unique variable-length 29// base64-encoded string. A grant ID is a 64 character unique identifier of a 30// grant. The CreateGrant operation returns both. Cross-account use: Yes. You can 31// retire a grant on a CMK in a different AWS account. Required permissions:: 32// Permission to retire a grant is specified in the grant. You cannot control 33// access to this operation in a policy. For more information, see Using grants 34// (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html) in the AWS 35// Key Management Service Developer Guide. Related operations: 36// 37// * CreateGrant 38// 39// * 40// ListGrants 41// 42// * ListRetirableGrants 43// 44// * RevokeGrant 45func (c *Client) RetireGrant(ctx context.Context, params *RetireGrantInput, optFns ...func(*Options)) (*RetireGrantOutput, error) { 46 if params == nil { 47 params = &RetireGrantInput{} 48 } 49 50 result, metadata, err := c.invokeOperation(ctx, "RetireGrant", params, optFns, addOperationRetireGrantMiddlewares) 51 if err != nil { 52 return nil, err 53 } 54 55 out := result.(*RetireGrantOutput) 56 out.ResultMetadata = metadata 57 return out, nil 58} 59 60type RetireGrantInput struct { 61 62 // Unique identifier of the grant to retire. The grant ID is returned in the 63 // response to a CreateGrant operation. 64 // 65 // * Grant ID Example - 66 // 0123456789012345678901234567890123456789012345678901234567890123 67 GrantId *string 68 69 // Token that identifies the grant to be retired. 70 GrantToken *string 71 72 // The Amazon Resource Name (ARN) of the CMK associated with the grant. For 73 // example: 74 // arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab 75 KeyId *string 76} 77 78type RetireGrantOutput struct { 79 // Metadata pertaining to the operation's result. 80 ResultMetadata middleware.Metadata 81} 82 83func addOperationRetireGrantMiddlewares(stack *middleware.Stack, options Options) (err error) { 84 err = stack.Serialize.Add(&awsAwsjson11_serializeOpRetireGrant{}, middleware.After) 85 if err != nil { 86 return err 87 } 88 err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpRetireGrant{}, middleware.After) 89 if err != nil { 90 return err 91 } 92 if err = addSetLoggerMiddleware(stack, options); err != nil { 93 return err 94 } 95 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 96 return err 97 } 98 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 99 return err 100 } 101 if err = addResolveEndpointMiddleware(stack, options); err != nil { 102 return err 103 } 104 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 105 return err 106 } 107 if err = addRetryMiddlewares(stack, options); err != nil { 108 return err 109 } 110 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 111 return err 112 } 113 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 114 return err 115 } 116 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 117 return err 118 } 119 if err = addClientUserAgent(stack); err != nil { 120 return err 121 } 122 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 123 return err 124 } 125 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 126 return err 127 } 128 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRetireGrant(options.Region), middleware.Before); err != nil { 129 return err 130 } 131 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 132 return err 133 } 134 if err = addResponseErrorMiddleware(stack); err != nil { 135 return err 136 } 137 if err = addRequestResponseLogging(stack, options); err != nil { 138 return err 139 } 140 return nil 141} 142 143func newServiceMetadataMiddleware_opRetireGrant(region string) *awsmiddleware.RegisterServiceMetadata { 144 return &awsmiddleware.RegisterServiceMetadata{ 145 Region: region, 146 ServiceID: ServiceID, 147 SigningName: "kms", 148 OperationName: "RetireGrant", 149 } 150} 151