Li, Qiao d9e750baf4 KMS User Guide 20231019 version.

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>

2024-06-10 13:07:34 +00:00

3.0 KiB

Raw Permalink Blame History

Disabling One or More CMKs

This section describes how to use the KMS console to disable one or more custom keys, thereby protecting data in urgent cases.

After being disabled, a custom key cannot be used to encrypt or decrypt any data. Before using a disabled CMK to encrypt or decrypt data, you must enable it by following instructions in Enabling One or More CMKs.

Prerequisites

The CMK you want to disable is in Enabled status.

Constraints

Default keys created by KMS cannot be disabled.
A disabled CMK is still billable. It will stop incurring charges if it is deleted.

Procedure

Log in to the management console.
Click . Choose Security > Key Management Service. The Key Management Service page is displayed.
In the row containing the target CMK, click Disable.
In the displayed dialog box, select I understand the impact of disabling keys, and click OK.

To disable multiple CMKs at a time, select them and click Disable in the upper left corner of the list.

Parent topic: Managing CMKs

3.0 KiB Raw Permalink Blame History

Disabling One or More CMKs

Prerequisites

Constraints

Procedure

3.0 KiB

Raw Permalink Blame History