Deleting a Vault
Learn how to delete an OCI vault.
When you delete a vault, the vault and all its associated keys go into a pending deletion state until the waiting period expires. By default, this wait period is set as 30 days, but it can be set from a minimum of 7 days up to a maximum of 30 days. When a vault is deleted, all its associated keys are also deleted. If replication is configured, deleting a vault in the source region also deletes the vault and any keys in the vault in the destination region.
- Open the navigation menu , select Identity & Security, and then select Vault.
- Under List scope, select a compartment that contains the vault.
- On the Vaults page, select the name of the vault to open its details page.
- select Delete Vault.
- In the Confirm dialog box, type the name of the vault, and then choose the date and time that you want the vault to be deleted.
- Select Delete Vault.
Open a command prompt and run
oci kms management vault schedule-deletionto delete a vault:oci kms management vault schedule-deletion --vault-id <target_vault_id>For example:
oci kms management vault schedule-deletion --vault-id ocid1.vault.region1.sea.exampleaaacu2.examplesrcvbtqe5wgrxn2jua3olmeausn5fauxseubwu5my5tf3w3When you delete a vault, the vault and all its associated keys go into a pending deletion state until the waiting period expires. By default, this is 30 days, but can be set from a minimum of 7 days up to a maximum of 30 days. When a vault is deleted, all its associated keys are also deleted. If replication is configured, deleting a vault in the source region also deletes the vault and any keys in the vault in the destination region.
For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.
Use the ScheduleVaultDeletion API with the KMSVAULT endpoint to delete a vault replica.
For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.