Boundary
scopes destroy-key-version
Command: scopes destroy-key-version
The scopes destroy-key-version
command lets you destroy a key version in the scope.
You cannot destroy the key version that is currently active.
When you run this command, it may start an asynchronous job to re-encrypt any existing data that was encrypted with the key version that you destroy.
You can check the progress of the key destruction job using the boundary scopes list-key-version-destruction-jobs
command.
Example
This example destroys a key version with the ID krkv_123456789
in the scope global
:
$ boundary scopes destroy-key-version -scope-id global -key-version-id krkv_123456789
Usage
$ boundary scopes destroy-key-version [args]
Command options
-key-version-id=<string>
- The ID of the key version you want to destroy.-scope-id=<string>
- The ID of the scope in which the key version you want to destroy exists.
CLI options
In addition to the command specific options, there are options common to all CLI commands and subcommands: