Canceling a Master Encryption Key Deletion
Learn how to cancel the scheduled deletion of a master encryption key.
You can cancel the deletion of a key only when it's in the "Pending Deletion" state. See Deleting a Key for details on scheduling a key deletion.
Access to the key and any resources or data encrypted by the key are restored when the key returns to the "Enabled" state.
- On the Master Encryption Keys list page, find the key that you want to work with. If you need help finding the list page, see Listing Keys.
-
From the Actions menu
at the end of the row entry for the key, select Cancel Deletion.
- To confirm that you want to cancel deletion of the key, select Cancel Deletion.
Use the oci kms management key cancel-deletion command and required parameters to cancel a scheduled key deletion:
oci kms management key cancel-deletion --key-id <target_key_id> --endpoint <kmsmanagement_control_plane_URL>For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the CancelKeyDeletion operation with the Management Endpoint to cancel the deletion of a vault key.
Note
The Management Endpoint is used for management operations including Create, Update, List, Get, and Delete. The Management Endpoint is also called the control plane URL or the KMSMANAGEMENT endpoint.
The Cryptographic Endpoint is used for cryptographic operations including Encrypt, Decrypt, Generate Data Encryption Key, Sign, and Verify. The Cryptographic Endpoint is also called the data plane URL or the KMSCRYPTO endpoint.
You can find the management and cryptographic endpoints in a vault's details metadata. See Getting a Vault's Details for instructions.
For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.
For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.