1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package kms 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/smithy-go/middleware" 10 smithyhttp "github.com/aws/smithy-go/transport/http" 11) 12 13// Revokes the specified grant for the specified customer master key (CMK). You can 14// revoke a grant to actively deny operations that depend on it. Cross-account use: 15// Yes. To perform this operation on a CMK in a different AWS account, specify the 16// key ARN in the value of the KeyId parameter. Required permissions: 17// kms:RevokeGrant 18// (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html) 19// (key policy) Related operations: 20// 21// * CreateGrant 22// 23// * ListGrants 24// 25// * 26// ListRetirableGrants 27// 28// * RetireGrant 29func (c *Client) RevokeGrant(ctx context.Context, params *RevokeGrantInput, optFns ...func(*Options)) (*RevokeGrantOutput, error) { 30 if params == nil { 31 params = &RevokeGrantInput{} 32 } 33 34 result, metadata, err := c.invokeOperation(ctx, "RevokeGrant", params, optFns, addOperationRevokeGrantMiddlewares) 35 if err != nil { 36 return nil, err 37 } 38 39 out := result.(*RevokeGrantOutput) 40 out.ResultMetadata = metadata 41 return out, nil 42} 43 44type RevokeGrantInput struct { 45 46 // Identifier of the grant to be revoked. 47 // 48 // This member is required. 49 GrantId *string 50 51 // A unique identifier for the customer master key associated with the grant. 52 // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a 53 // CMK in a different AWS account, you must use the key ARN. For example: 54 // 55 // * Key 56 // ID: 1234abcd-12ab-34cd-56ef-1234567890ab 57 // 58 // * Key ARN: 59 // arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab 60 // 61 // To 62 // get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. 63 // 64 // This member is required. 65 KeyId *string 66} 67 68type RevokeGrantOutput struct { 69 // Metadata pertaining to the operation's result. 70 ResultMetadata middleware.Metadata 71} 72 73func addOperationRevokeGrantMiddlewares(stack *middleware.Stack, options Options) (err error) { 74 err = stack.Serialize.Add(&awsAwsjson11_serializeOpRevokeGrant{}, middleware.After) 75 if err != nil { 76 return err 77 } 78 err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpRevokeGrant{}, middleware.After) 79 if err != nil { 80 return err 81 } 82 if err = addSetLoggerMiddleware(stack, options); err != nil { 83 return err 84 } 85 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 86 return err 87 } 88 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 89 return err 90 } 91 if err = addResolveEndpointMiddleware(stack, options); err != nil { 92 return err 93 } 94 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 95 return err 96 } 97 if err = addRetryMiddlewares(stack, options); err != nil { 98 return err 99 } 100 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 101 return err 102 } 103 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 104 return err 105 } 106 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 107 return err 108 } 109 if err = addClientUserAgent(stack); err != nil { 110 return err 111 } 112 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 113 return err 114 } 115 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 116 return err 117 } 118 if err = addOpRevokeGrantValidationMiddleware(stack); err != nil { 119 return err 120 } 121 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRevokeGrant(options.Region), middleware.Before); err != nil { 122 return err 123 } 124 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 125 return err 126 } 127 if err = addResponseErrorMiddleware(stack); err != nil { 128 return err 129 } 130 if err = addRequestResponseLogging(stack, options); err != nil { 131 return err 132 } 133 return nil 134} 135 136func newServiceMetadataMiddleware_opRevokeGrant(region string) *awsmiddleware.RegisterServiceMetadata { 137 return &awsmiddleware.RegisterServiceMetadata{ 138 Region: region, 139 ServiceID: ServiceID, 140 SigningName: "kms", 141 OperationName: "RevokeGrant", 142 } 143} 144