I found that when I remove all of my AWS Service but the billing spend 1.02$ a month for KMS. I figure out that it was using KMS. When I going to KMS default key. It has many key (https://ap-southeast-1.console.aws.amazon.com/kms/home?region=ap-southeast-1#/kms/defaultKeys). So I want to schedule delete or disable. But it has not permission although I was attracted policy which has kms:Delete*, or kms:ScheduleKeyDeletion.
AWS-managed CMK is something like aws/lambda, aws/sns, aws/s3.
AWS documentation say that AWS-managed key can't be delete or disable. But how to fix it when I not using AWS KMS default-key (not Customer managed keys)
How can I remove AWS-managed keys
You can't, because well, they are AWS-managed, not yours.
But you are not charged for AWS-managed keys.
You are not charged for the following: Creation and storage of AWS managed CMKs.
So you must have your own customer managed key that you are charged for. Maybe in different region then you are checking.