gcloud kms keys versions destroy - schedule a version to be destroyed
gcloud kms keys versions destroy VERSION [--key=KEY] [--keyring=KEYRING] [--location=LOCATION] [GCLOUD_WIDE_FLAG ...]
Schedules the given version for destruction in 24 hours.
After that time period passes it is automatically destroyed. Once destroyed, the key material is removed but the version number can not be reused.
Only versions which are Enabled or Disabled can be Scheduled for destruction.
The following command schedules version 9 of key frodo within keyring fellowship and location us-east1 for destruction:
$ gcloud kms keys versions destroy 9 --location=us-east1 \ --keyring=fellowship --key=frodo
- VERSION
Name of the version to destroy.
- --key=KEY
The containing key.
- --keyring=KEYRING
Key ring of the key.
- --location=LOCATION
Location of the keyring.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
These variants are also available:
$ gcloud alpha kms keys versions destroy
$ gcloud beta kms keys versions destroy