DeleteKeyPair - Amazon Lightsail


Deletes the specified key pair by removing the public key from Amazon Lightsail.

You can delete key pairs that were created using the ImportKeyPair and CreateKeyPair actions, as well as the Lightsail default key pair. A new default key pair will not be created unless you launch an instance without specifying a custom key pair, or you call the DownloadDefaultKeyPair API.

The delete key pair operation supports tag-based access control via resource tags applied to the resource identified by key pair name. For more information, see the Amazon Lightsail Developer Guide.

Request Syntax

{ "expectedFingerprint": "string", "keyPairName": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.


The RSA fingerprint of the Lightsail default key pair to delete.


The expectedFingerprint parameter is required only when specifying to delete a Lightsail default key pair.

Type: String

Required: No


The name of the key pair to delete.

Type: String

Pattern: \w[\w\-]*\w

Required: Yes

Response Syntax

{ "operation": { "createdAt": number, "errorCode": "string", "errorDetails": "string", "id": "string", "isTerminal": boolean, "location": { "availabilityZone": "string", "regionName": "string" }, "operationDetails": "string", "operationType": "string", "resourceName": "string", "resourceType": "string", "status": "string", "statusChangedAt": number } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


An array of objects that describe the result of the action, such as the status of the request, the timestamp of the request, and the resources affected by the request.

Type: Operation object


For information about the errors that are common to all actions, see Common Errors.


Lightsail throws this exception when the user cannot be authenticated or uses invalid credentials to access a resource.

HTTP Status Code: 400


Lightsail throws this exception when an account is still in the setup in progress state.

HTTP Status Code: 400


Lightsail throws this exception when user input does not conform to the validation rules of an input field.


Domain and distribution APIs are only available in the N. Virginia (us-east-1) AWS Region. Please set your AWS Region configuration to us-east-1 to create, view, or edit these resources.

HTTP Status Code: 400


Lightsail throws this exception when it cannot find a resource.

HTTP Status Code: 400


Lightsail throws this exception when an operation fails to execute.

HTTP Status Code: 400


A general service exception.

HTTP Status Code: 500


Lightsail throws this exception when the user has not been authenticated.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: