| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
Network.AWS.KMS.RetireGrant
Description
Retires a grant. You can retire a grant when you're done using it to clean
up. You should revoke a grant when you intend to actively deny operations
that depend on it. The following are permitted to call this API: The account
that created the grant The RetiringPrincipal, if present The GranteePrincipal, if
RetireGrant is a grantee operation The grant to retire must be identified by
its grant token or by a combination of the key ARN and the grant ID. A grant
token is a unique variable-length base64-encoded string. A grant ID is a 64
character unique identifier of a grant. Both are returned by the CreateGrant
function.
http://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html
Request
data RetireGrant Source
Request constructor
retireGrant :: RetireGrant Source
RetireGrant constructor.
The fields accessible through corresponding lenses are:
Request lenses
rgGrantId :: Lens' RetireGrant (Maybe Text) Source
Unique identifier of the grant to be retired. The grant ID is returned by
the CreateGrant function. Grant ID Example -
0123456789012345678901234567890123456789012345678901234567890123
rgGrantToken :: Lens' RetireGrant (Maybe Text) Source
Token that identifies the grant to be retired.
rgKeyId :: Lens' RetireGrant (Maybe Text) Source
A unique identifier for the customer master key associated with the grant. This value can be a globally unique identifier or a fully specified ARN of the key. Key ARN Example - arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012 Globally Unique Key ID Example - 12345678-1234-1234-1234-123456789012
Response
Response constructor
retireGrantResponse :: RetireGrantResponse Source
RetireGrantResponse constructor.