gcloud alpha kms keys versions destroy - schedule a version to be destroyed
gcloud alpha kms keys versions destroy VERSION [--key=KEY] [--keyring=KEYRING] [--location=LOCATION] [GCLOUD_WIDE_FLAG ...]
(ALPHA) Schedules the given version for destruction in 24 hours.
After that time period passes it is automatically destroyed. Once destroyed, the key material is removed but the version number can not be reused.
Only versions which are Enabled or Disabled can be Scheduled for destruction.
The following command schedules version 9 of key frodo within keyring fellowship and location us-east1 for destruction:
$ gcloud alpha kms keys versions destroy 9 --location=us-east1 \ --keyring=fellowship --key=frodo
- VERSION
Name of the version to destroy.
- --key=KEY
The containing key.
- --keyring=KEYRING
Key ring of the key.
- --location=LOCATION
Location of the keyring.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
$ gcloud kms keys versions destroy
$ gcloud beta kms keys versions destroy