All Products
Search
Document Center

Key Management Service:DeleteSecret

Last Updated:May 16, 2024

Deletes a secret.

You can schedule the deletion of a secret within a 7 to 30-day window. During the window, the secret can be restored. You can immediately delete a secret. If you immediately delete a secret, the secret cannot be restored.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter

Type

Required

Example

Description

Action

String

Yes

DeleteSecret

The operation that you want to perform. Set the value to DeleteSecret.

SecretName

String

Yes

secret001

The Alibaba Cloud Resource Name (ARN) of the secret or secret resource.

Note

When you access a secret within another Alibaba Cloud account, you must enter the ARN of the secret. The ARN is in the acs:kms:${region}:${account}:secret/${secret-name} format.

ForceDeleteWithoutRecovery

String

No

false

Specifies whether to immediately delete a secret.

Valid values:

  • true

  • false (default)

RecoveryWindowInDays

String

No

10

The scheduled deletion window that you specify when you schedule the deletion of the secret. During the window, the secret can be restored. Valid values: 7 to 30 days.

Default value: 30. Unit: Days.

Note

If you want to immediately delete a secret and set ForceDeleteWithoutRecovery to true, you cannot set RecoveryWindowInDays.

Response parameters

Parameter

Type

Example

Description

SecretName

String

secret001

The secret name.

RequestId

String

38bbed2a-15e0-45ad-98d4-816ad2ccf4ea

The ID of the request, which is used to locate and troubleshoot issues.

PlannedDeleteTime

String

2024-04-15T07:02:14Z

The time when the secret is deleted. The value is in the timestamp format.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DeleteSecret
&SecretName=secret001
&ForceDeleteWithoutRecovery=false
&RecoveryWindowInDays=10
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<DeleteSecretResponse>
    <SecretName>secret001</SecretName>
    <RequestId>38bbed2a-15e0-45ad-98d4-816ad2ccf4ea</RequestId>
    <PlannedDeleteTime>2022-09-15T07:02:14Z</PlannedDeleteTime>
</DeleteSecretResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "SecretName" : "secret001",
  "RequestId" : "38bbed2a-15e0-45ad-98d4-816ad2ccf4ea",
  "PlannedDeleteTime" : "2022-09-15T07:02:14Z"
}

Error codes

HTTP status code

Error code

Error message

Description

400

InvalidParameter

The specified parameter is not valid.

The specified parameter is invalid.

For a list of error codes, see Service error codes.