Delete Key Material

<p class="shortdesc">You can manually delete the uploaded key material on demand. </p> <section class="section context"><div class="tasklabel"><h2 class="doc-tairway">About this task</h2></div> <p class="p">When you import key material, you can specify an expiration time. When the key material expires, KMS deletes the key material (the CMK is retained). Apart from automatic deletion, you can also manually delete key material. When KMS deletes the key material, the key status of the CMK changes to <span class="ph uicontrol">PENDING_IMPORT</span>. But if the CMK is PENDING_DELETE, its key status does not change no matter the key material expires or is deleted. </p> <p class="p">This chapter mainly describes how to manually delete key material. </p> </section> <section class="section attention" id="Deletekeymaterial__lky_qq5_jlb"><div class="tasklabel"><h2 class="doc-tairway">Attention</h2></div> <p class="p">When the key material expires or is deleted, the corresponding CMK becomes unusable. You cannot decrypt the cipher text encrypted with that CMK unless you re-import the same key material. Delete key material with caution. </p> </section> <section class="section limitation" id="Deletekeymaterial__mky_qq5_jlb"><div class="tasklabel"><h2 class="doc-tairway">Limitation</h2></div> <p class="p">You can only delete key material with an <span class="ph uicontrol">External </span>origin. You cannot directly delete KMS generated key material. Instead, you need to schedule key deletion in KMS, and wait 7 to 30 days for the key material to be deleted together with the CMK. </p> <p class="p">Each CMK is independent. Therefore, if you delete a CMK, the data encrypted under that CMK cannot be decrypted with any other CMK. This is true even when you import the same key material into a different CMK. </p> </section> <section id="Deletekeymaterial__steps_fht_kl5_jlb"><div class="tasklabel"><h2 class="doc-tairway">Procedure</h2></div><ol class="ol steps" id="Deletekeymaterial__steps_fht_kl5_jlb"><li class="li step"> <span class="ph cmd">Log in to the <a class="xref" href="https://pinganyun.com/console/kms" target="_blank">Key Management Service Console </a>. </span> </li><li class="li step"> <span class="ph cmd">In the left navigation pane, click <span class="ph menucascade"><span class="ph uicontrol">Keys </span><abbr title="and then"> > </abbr><span class="ph uicontrol">Customer managed keys</span></span>. </span> </li><li class="li step"> <span class="ph cmd"> On the <span class="keyword wintitle">Customer management key </span>page, click the ID<strong class="ph b"></strong> of the CMK that is PENDING_DELETE. </span> </li><li class="li step"> <span class="ph cmd">On the <span class="keyword wintitle">Key Detail </span>page, click <span class="ph uicontrol">Delete Key’s Data </span>at the bottom. </span> </li></ol></section> <section class="section result" id="Deletekeymaterial__result_bkt_3r5_jlb"><div class="tasklabel"><h2 class="doc-tairway">Results</h2></div> <p class="p">When the key material is deleted, the corresponding CMK becomes unusable and its key status turns to <span class="ph uicontrol">PENDING_IMPORT</span>. </p> </section>
Did the above content solve your problem? Yes No
Please complete information!

Call us

400-151-8800

Email us

cloud@pingan.com

Online customer service

Instant reply

Technical Support

cloud products