- Navigation GuideYou are on a Command (operation) page with structural examples. Use the navigation breadcrumb if you would like to return to the Client landing page.
DeleteAliasCommand
Deletes the specified alias.
Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.
Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to create a new alias. To associate an existing alias with a different KMS key, call UpdateAlias.
Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.
Required permissions
-
kms:DeleteAlias on the alias (IAM policy).
-
kms:DeleteAlias on the KMS key (key policy).
For details, see Controlling access to aliases in the Key Management Service Developer Guide.
Related operations:
-
CreateAlias
-
ListAliases
-
UpdateAlias
Eventual consistency: The KMS API follows an eventual consistency model. For more information, see KMS eventual consistency .
Example Syntax
Use a bare-bones client and the command you need to make an API call.
import { KMSClient, DeleteAliasCommand } from "@aws-sdk/client-kms"; // ES Modules import
// const { KMSClient, DeleteAliasCommand } = require("@aws-sdk/client-kms"); // CommonJS import
const client = new KMSClient(config);
const input = { // DeleteAliasRequest
AliasName: "STRING_VALUE", // required
};
const command = new DeleteAliasCommand(input);
const response = await client.send(command);
// {};
Example Usage
DeleteAliasCommand Input
Parameter | Type | Description |
---|
Parameter | Type | Description |
---|---|---|
AliasName Required | string | undefined | The alias to be deleted. The alias name must begin with |
DeleteAliasCommand Output
Parameter | Type | Description |
---|
Parameter | Type | Description |
---|---|---|
$metadata Required | ResponseMetadata | Metadata pertaining to this request. |
Throws
Name | Fault | Details |
---|
Name | Fault | Details |
---|---|---|
DependencyTimeoutException | server | The system timed out while trying to fulfill the request. You can retry the request. |
KMSInternalException | server | The request was rejected because an internal exception occurred. The request can be retried. |
KMSInvalidStateException | client | The request was rejected because the state of the specified resource is not valid for this request. This exceptions means one of the following:
|
NotFoundException | client | The request was rejected because the specified entity or resource could not be found. |
KMSServiceException | Base exception class for all service exceptions from KMS service. |