deleteKey method

Deletes the key material and metadata associated with Amazon Web Services Payment Cryptography key.

Key deletion is irreversible. After a key is deleted, you can't perform cryptographic operations using the key. For example, you can't decrypt data that was encrypted by a deleted Amazon Web Services Payment Cryptography key, and the data may become unrecoverable. Because key deletion is destructive, Amazon Web Services Payment Cryptography has a safety mechanism to prevent accidental deletion of a key. When you call this operation, Amazon Web Services Payment Cryptography disables the specified key but doesn't delete it until after a waiting period set using DeleteKeyInDays. The default waiting period is 7 days. During the waiting period, the KeyState is DELETE_PENDING. After the key is deleted, the KeyState is DELETE_COMPLETE.

You should delete a key only when you are sure that you don't need to use it anymore and no other parties are utilizing this key. If you aren't sure, consider deactivating it instead by calling StopKeyUsage.

Cross-account use: This operation supports cross-account use when the key has a resource-based policy that grants access. For more information, see Resource-based policies.

Related operations:

May throw AccessDeniedException. May throw ConflictException. May throw InternalServerException. May throw ResourceNotFoundException. May throw ServiceUnavailableException. May throw ThrottlingException. May throw ValidationException.

Parameter keyIdentifier : The KeyARN of the key that is scheduled for deletion.

Parameter deleteKeyInDays : The waiting period for key deletion. The default value is seven days.

Implementation

PaymentCryptography class