KMS / Client / delete_alias

delete_alias#

KMS.Client.delete_alias(**kwargs)#

Deletes the specified alias.

Note

Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.

Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to create a new alias. To associate an existing alias with a different KMS key, call UpdateAlias.

Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

Required permissions

For details, see Controlling access to aliases in the Key Management Service Developer Guide.

Related operations:

  • CreateAlias

  • ListAliases

  • UpdateAlias

See also: AWS API Documentation

Request Syntax

response = client.delete_alias(
    AliasName='string'
)
Parameters:

AliasName (string) –

[REQUIRED]

The alias to be deleted. The alias name must begin with alias/ followed by the alias name, such as alias/ExampleAlias.

Returns:

None

Exceptions

  • KMS.Client.exceptions.DependencyTimeoutException

  • KMS.Client.exceptions.NotFoundException

  • KMS.Client.exceptions.KMSInternalException

  • KMS.Client.exceptions.KMSInvalidStateException

Examples

The following example deletes the specified alias.

response = client.delete_alias(
    # The alias to delete.
    AliasName='alias/ExampleAlias',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}