1// Code generated by smithy-go-codegen DO NOT EDIT.
2
3package kms
4
5import (
6	"context"
7	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
8	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
9	"github.com/aws/smithy-go/middleware"
10	smithyhttp "github.com/aws/smithy-go/transport/http"
11	"time"
12)
13
14// Schedules the deletion of a customer master key (CMK). You may provide a waiting
15// period, specified in days, before deletion occurs. If you do not provide a
16// waiting period, the default period of 30 days is used. When this operation is
17// successful, the key state of the CMK changes to PendingDeletion. Before the
18// waiting period ends, you can use CancelKeyDeletion to cancel the deletion of the
19// CMK. After the waiting period ends, AWS KMS deletes the CMK and all AWS KMS data
20// associated with it, including all aliases that refer to it. Deleting a CMK is a
21// destructive and potentially dangerous operation. When a CMK is deleted, all data
22// that was encrypted under the CMK is unrecoverable. To prevent the use of a CMK
23// without deleting it, use DisableKey. If you schedule deletion of a CMK from a
24// custom key store
25// (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
26// when the waiting period expires, ScheduleKeyDeletion deletes the CMK from AWS
27// KMS. Then AWS KMS makes a best effort to delete the key material from the
28// associated AWS CloudHSM cluster. However, you might need to manually delete the
29// orphaned key material
30// (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key)
31// from the cluster and its backups. For more information about scheduling a CMK
32// for deletion, see Deleting Customer Master Keys
33// (https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in
34// the AWS Key Management Service Developer Guide. The CMK that you use for this
35// operation must be in a compatible key state. For details, see How Key State
36// Affects Use of a Customer Master Key
37// (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the
38// AWS Key Management Service Developer Guide. Cross-account use: No. You cannot
39// perform this operation on a CMK in a different AWS account. Required
40// permissions: kms:ScheduleKeyDeletion
41// (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)
42// (key policy) Related operations
43//
44// * CancelKeyDeletion
45//
46// * DisableKey
47func (c *Client) ScheduleKeyDeletion(ctx context.Context, params *ScheduleKeyDeletionInput, optFns ...func(*Options)) (*ScheduleKeyDeletionOutput, error) {
48	if params == nil {
49		params = &ScheduleKeyDeletionInput{}
50	}
51
52	result, metadata, err := c.invokeOperation(ctx, "ScheduleKeyDeletion", params, optFns, addOperationScheduleKeyDeletionMiddlewares)
53	if err != nil {
54		return nil, err
55	}
56
57	out := result.(*ScheduleKeyDeletionOutput)
58	out.ResultMetadata = metadata
59	return out, nil
60}
61
62type ScheduleKeyDeletionInput struct {
63
64	// The unique identifier of the customer master key (CMK) to delete. Specify the
65	// key ID or the Amazon Resource Name (ARN) of the CMK. For example:
66	//
67	// * Key ID:
68	// 1234abcd-12ab-34cd-56ef-1234567890ab
69	//
70	// * Key ARN:
71	// arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
72	//
73	// To
74	// get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
75	//
76	// This member is required.
77	KeyId *string
78
79	// The waiting period, specified in number of days. After the waiting period ends,
80	// AWS KMS deletes the customer master key (CMK). This value is optional. If you
81	// include a value, it must be between 7 and 30, inclusive. If you do not include a
82	// value, it defaults to 30.
83	PendingWindowInDays *int32
84}
85
86type ScheduleKeyDeletionOutput struct {
87
88	// The date and time after which AWS KMS deletes the customer master key (CMK).
89	DeletionDate *time.Time
90
91	// The Amazon Resource Name (key ARN
92	// (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN))
93	// of the CMK whose deletion is scheduled.
94	KeyId *string
95
96	// Metadata pertaining to the operation's result.
97	ResultMetadata middleware.Metadata
98}
99
100func addOperationScheduleKeyDeletionMiddlewares(stack *middleware.Stack, options Options) (err error) {
101	err = stack.Serialize.Add(&awsAwsjson11_serializeOpScheduleKeyDeletion{}, middleware.After)
102	if err != nil {
103		return err
104	}
105	err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpScheduleKeyDeletion{}, middleware.After)
106	if err != nil {
107		return err
108	}
109	if err = addSetLoggerMiddleware(stack, options); err != nil {
110		return err
111	}
112	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
113		return err
114	}
115	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
116		return err
117	}
118	if err = addResolveEndpointMiddleware(stack, options); err != nil {
119		return err
120	}
121	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
122		return err
123	}
124	if err = addRetryMiddlewares(stack, options); err != nil {
125		return err
126	}
127	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
128		return err
129	}
130	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
131		return err
132	}
133	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
134		return err
135	}
136	if err = addClientUserAgent(stack); err != nil {
137		return err
138	}
139	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
140		return err
141	}
142	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
143		return err
144	}
145	if err = addOpScheduleKeyDeletionValidationMiddleware(stack); err != nil {
146		return err
147	}
148	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opScheduleKeyDeletion(options.Region), middleware.Before); err != nil {
149		return err
150	}
151	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
152		return err
153	}
154	if err = addResponseErrorMiddleware(stack); err != nil {
155		return err
156	}
157	if err = addRequestResponseLogging(stack, options); err != nil {
158		return err
159	}
160	return nil
161}
162
163func newServiceMetadataMiddleware_opScheduleKeyDeletion(region string) *awsmiddleware.RegisterServiceMetadata {
164	return &awsmiddleware.RegisterServiceMetadata{
165		Region:        region,
166		ServiceID:     ServiceID,
167		SigningName:   "kms",
168		OperationName: "ScheduleKeyDeletion",
169	}
170}
171