Deleting an Encryption Key (CLI)
Deleting an encryption key is a fast and effective way to make large amounts of data inaccessible. Keys can be deleted even if they are in use. If the key is in use, a warning is given and confirmation is required. All shares, projects, or pools that use that key are unshared and can no longer be accessed by clients.
If you might use a LOCAL key again to access its associated shares, back up the key name and value before deleting the key. Then you can later perform a restore procedure as described in Restoring a LOCAL Key (CLI).
When an encryption key that is in use by a pool, project, or share is deleted, all
affected pools, projects, and shares are listed as dependents for the key. When the key is
deleted, the keystatus
property value changes to
unavailable
.
Use the following procedure to delete an encryption key.