Retires a grant. To clean up, you can retire a grant when you're done using it. You should revoke a grant when you intend to actively deny operations that depend on it. The following are permitted to call this API:
The AWS account (root user) under which the grant was created
RetiringPrincipal, if present in the grant
RetireGrant is an operation specified
in the grant
You must identify the grant to retire by its grant token or by a combination of the grant ID and the Amazon Resource Name (ARN) of the customer master key (CMK). A grant token is a unique variable-length base64-encoded string. A grant ID is a 64 character unique identifier of a grant. The CreateGrant operation returns both.
For PCL this operation is only available in asynchronous form. Please refer to RetireGrantAsync.
public virtual RetireGrantResponse RetireGrant( String grantToken )
Token that identifies the grant to be retired.
|DependencyTimeoutException||The system timed out while trying to fulfill the request. The request can be retried.|
|InvalidGrantIdException||The request was rejected because the specified GrantId is not valid.|
|InvalidGrantTokenException||The request was rejected because the specified grant token is not valid.|
|KMSInternalException||The request was rejected because an internal exception occurred. The request can be retried.|
|KMSInvalidStateException||The request was rejected because the state of the specified resource is not valid for this request. For more information about how key state affects the use of a CMK, see How Key State Affects Use of a Customer Master Key in the AWS Key Management Service Developer Guide.|
|NotFoundException||The request was rejected because the specified entity or resource could not be found.|
Supported in: 4.5, 4.0, 3.5
Supported in: Windows Store Apps
Supported in: Windows Phone 8.1
Supported in: Xamarin Android
Supported in: Xamarin iOS (Unified)
Supported in: Xamarin.Forms