Method: projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.destroy

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED and destroyTime will be set to a time 24 hours in the future, at which point the state will be changed to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroyTime is reached, cryptoKeyVersions.restore may be called to reverse the process.

HTTP request

POST https://cloudkms.googleapis.com/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:destroy

The URL uses Google API HTTP annotation syntax.

Path parameters

Parameters
name

string

The resource name of the CryptoKeyVersion to destroy.

Authorization requires the following Google IAM permission on the specified resource name:

  • cloudkms.cryptoKeyVersions.destroy

Request body

The request body must be empty.

Response body

If successful, the response body contains an instance of CryptoKeyVersion.

Authorization Scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloudkms
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

Was this page helpful? Let us know how we did:

Send feedback about...

Cloud KMS Documentation