Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Unable delete Route53 hostedzones

0

I can't delete hostedzones, it prompts: HostedZoneNotEmpty 400: The specified hosted zone contains DNSSEC Key Signing Keys and so cannot be deleted., but I already deleted it in the KMS console.

Temas
Seguridad, identidad y cumplimientoRedes y entrega de contenido
Etiquetas
AWS Key Management ServiceAmazon Route 53
Idioma
English
Kincaid
preguntada hace 2 años527 visualizaciones
1 Respuesta
0

I haven't used DNSSEC myself yet but I'm assuming the usual restrictions on KMS key deletion apply. You can't delete KMS keys immediately, only schedule them for deletion with a min 7 days, default 30 days waiting period.

This is to protect you - deleting a customer master key is destructive and potentially dangerous. It deletes the key material and all metadata associated with the CMK, and is irreversible. After a CMK is deleted you can no longer decrypt the data that was encrypted under that CMK, which means that data becomes unrecoverable.

EXPERTO
skinsman
respondido hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante