本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
使用 CloudHSM CLI 删除密钥
使用本主题的示例通过 CloudHSM CLI 删除密钥。只有密钥所有者才能删除密钥。
示例:删除密钥
-
运行 key list 命令以确定要删除的密钥:
aws-cloudhsm >key list --filter attr.label="my_key_to_delete" --verbose{ "error_code": 0, "data": { "matched_keys": [ { "key-reference": "0x0000000000540011", "key-info": { "key-owners": [ { "username": "my_crypto_user", "key-coverage": "full" } ], "shared-users": [], "cluster-coverage": "full" }, "attributes": { "key-type": "rsa", "label": "my_key_to_delete", "id": "", "check-value": "0x29bbd1", "class": "private-key", "encrypt": false, "decrypt": true, "token": true, "always-sensitive": true, "derive": false, "destroyable": true, "extractable": true, "local": true, "modifiable": true, "never-extractable": false, "private": true, "sensitive": true, "sign": true, "trusted": false, "unwrap": true, "verify": false, "wrap": false, "wrap-with-trusted": false, "key-length-bytes": 1217, "public-exponent": "0x010001", "modulus": "0x8b3a7c20618e8be08220ed8ab2c8550b65fc1aad8d4cf04fbf2be685f97eeb78fcbbad9b02cd91a3b15e990c2a7c7cdeff0b730576c6c5630a8509a778a96acbc7c36931e9a86e8956fbd07f0863404ce06c8bd68256784be9f5b258a35e229ce7f630228b9323b4e1f14a0384ead90bdf07dc762f710fc5663887d0787ad98d64bbe303134f545acb2ab194fee6edaecd4dd5cf31ff7f7491e37d7a850ab23247414b42d9abdd5de89b78fd464560df29a90607e9d462f21b22365da419021fb9f28ea7e6fdb1f40bf83aaf1636fba5e475ad19889cfe3f28186a969b4826c39466c0855c974d1fb723d111e4a32ab6e32b3129bc95c9206fced160015d8b2f", "modulus-size-bits": 2048 } } ], "total_key_count": 1, "returned_key_count": 1 } 识别密钥后,运行带有密钥唯一
label属性的 key delete 删除密钥:aws-cloudhsm >key delete --filter attr.label="my_key_to_delete"{ "error_code": 0, "data": { "message": "Key deleted successfully" } }-
运行带有密钥唯一
label属性的 key list 命令并确认密钥已被删除。如下例所示,HSM 集群中没有带有标签my_key_to_delete的密钥:aws-cloudhsm >key list --filter attr.label="my_key_to_delete"{ "error_code": 0, "data": { "matched_keys": [], "total_key_count": 0, "returned_key_count": 0 } }
相关 主题
