Key Management Service API, gRPC: SymmetricKeyService.Delete
Deletes the specified symmetric KMS key. This action also automatically schedules
the destruction of all of the key's versions in 72 hours.
The key and its versions appear absent in SymmetricKeyService.Get and SymmetricKeyService.List
requests, but can be restored within 72 hours with a request to tech support.
gRPC request
rpc Delete (DeleteSymmetricKeyRequest) returns (operation.Operation)
DeleteSymmetricKeyRequest
{
"key_id": "string"
}
|
Field |
Description |
|
key_id |
string Required field. ID of the key to be deleted. |
operation.Operation
{
"id": "string",
"description": "string",
"created_at": "google.protobuf.Timestamp",
"created_by": "string",
"modified_at": "google.protobuf.Timestamp",
"done": "bool",
"metadata": {
"key_id": "string"
},
// Includes only one of the fields `error`, `response`
"error": "google.rpc.Status",
"response": {
"id": "string",
"folder_id": "string",
"created_at": "google.protobuf.Timestamp",
"name": "string",
"description": "string",
"labels": "map<string, string>",
"status": "Status",
"primary_version": {
"id": "string",
"key_id": "string",
"status": "Status",
"algorithm": "SymmetricAlgorithm",
"created_at": "google.protobuf.Timestamp",
"primary": "bool",
"destroy_at": "google.protobuf.Timestamp",
"hosted_by_hsm": "bool"
},
"default_algorithm": "SymmetricAlgorithm",
"rotated_at": "google.protobuf.Timestamp",
"rotation_period": "google.protobuf.Duration",
"deletion_protection": "bool"
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
|
Field |
Description |
|
id |
string ID of the operation. |
|
description |
string Description of the operation. 0-256 characters long. |
|
created_at |
Creation timestamp. |
|
created_by |
string ID of the user or service account who initiated the operation. |
|
modified_at |
The time when the Operation resource was last modified. |
|
done |
bool If the value is |
|
metadata |
Service-specific metadata associated with the operation. |
|
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
|
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
DeleteSymmetricKeyMetadata
|
Field |
Description |
|
key_id |
string ID of the key being deleted. |
SymmetricKey
A symmetric KMS key that may contain several versions of the cryptographic material.
|
Field |
Description |
|
id |
string ID of the key. |
|
folder_id |
string ID of the folder that the key belongs to. |
|
created_at |
Time when the key was created. |
|
name |
string Name of the key. |
|
description |
string Description of the key. |
|
labels |
object (map<string, string>) Custom labels for the key as |
|
status |
enum Status Current status of the key.
|
|
primary_version |
Primary version of the key, used as the default for all encrypt/decrypt operations, |
|
default_algorithm |
enum SymmetricAlgorithm Default encryption algorithm to be used with new versions of the key.
|
|
rotated_at |
Time of the last key rotation (time when the last version was created). |
|
rotation_period |
Time period between automatic key rotations. |
|
deletion_protection |
bool Flag that inhibits deletion of the key |
SymmetricKeyVersion
Symmetric KMS key version: metadata about actual cryptographic data.
|
Field |
Description |
|
id |
string ID of the key version. |
|
key_id |
string ID of the symmetric KMS key that the version belongs to. |
|
status |
enum Status Status of the key version.
|
|
algorithm |
enum SymmetricAlgorithm Encryption algorithm that should be used when using the key version to encrypt plaintext.
|
|
created_at |
Time when the key version was created. |
|
primary |
bool Indication of a primary version, that is to be used by default for all cryptographic |
|
destroy_at |
Time when the key version is going to be destroyed. Empty unless the status |
|
hosted_by_hsm |
bool Indication of the version that is hosted by HSM. |