
Unable to delete hosted zones - DNSSEC signing disabled, CMK deleted

0

Hi all,

I have tried the following steps to delete the hosted zone, but I was still getting “HostedZoneNotEmpty 400: The specific hosted zone contains DNSSEC key signing keys and so cannot be deleted”.

  1. Disabled DNSSEC signing in Route 53.
  2. Deleted the CMK in the key management service after waiting 7 days.

**Please could anyone advise what to do next?**

The CMK has disappeared from key management service, but it is still showing as Active under DNSSEC signing. But when I clicked on view details for the key, I had “Error occurred” under “customer managed CMK details”.


1 Answer
0
Accepted Answer

Delete a key-signing key (KSK)

Before you can delete a KSK, you must edit the KSK to set its status to Inactive.

One reason that you might delete a KSK is as part of routine key rotation. It's a best practice to rotate cryptographic keys periodically. Your organization might have standard guidance for how often to rotate keys.

Follow these steps to delete a KSK in the AWS Management Console.

To delete a KSK

  1. Sign in to the AWS Management Console and open the Route 53 console at https://console.aws.amazon.com/route53/.
  2. In the navigation pane, choose Hosted zones, and then choose a hosted zone.
  3. On the DNSSEC signing tab, under Key-signing keys (KSKs), choose Switch to advanced view, and then under Actions, choose Delete KSK.
  4. Follow the guidance to confirm deleting the KSK.

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-ksk.html#dns-configuring-dnssec-ksk-delete-ksk

EXPERT
answered a year ago
EXPERT
reviewed a year ago
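
The console steps in the answer above have AWS CLI equivalents. The dry-run helper below is an added example, not part of the original answer or of the AWS documentation; it only prints the commands in the required order (deactivate, then delete each KSK, then delete the zone), and the zone ID and KSK names are constructed placeholders.

```shell
#!/bin/sh
# Dry-run planner (added example): prints the AWS CLI commands needed before a
# hosted zone that still holds DNSSEC key-signing keys can be deleted.
# Nothing is executed against AWS.
#
# Input on stdin: one "NAME<TAB>STATUS" line per KSK, the format produced by
#   aws route53 get-dnssec --hosted-zone-id "$ZONE" \
#       --query 'KeySigningKeys[].[Name,Status]' --output text
plan_ksk_removal() {
    zone_id=$1
    blocked=0
    tab=$(printf '\t')
    while IFS="$tab" read -r name status || [ -n "$name" ]; do
        [ -n "$name" ] || continue
        case $status in
            ACTIVE)
                # A KSK must be set to Inactive before it can be deleted.
                echo "aws route53 deactivate-key-signing-key --hosted-zone-id $zone_id --name $name"
                echo "aws route53 delete-key-signing-key --hosted-zone-id $zone_id --name $name"
                ;;
            INACTIVE)
                echo "aws route53 delete-key-signing-key --hosted-zone-id $zone_id --name $name"
                ;;
            DELETING)
                echo "# $name: deletion already in progress, re-check with get-dnssec"
                blocked=1
                ;;
            *)
                # Any other status (for example ACTION_NEEDED or INTERNAL_FAILURE)
                echo "# $name: status $status needs manual review before deletion"
                blocked=1
                ;;
        esac
    done
    if [ "$blocked" -eq 0 ]; then
        # The zone can only be deleted once no KSKs remain in it.
        echo "aws route53 delete-hosted-zone --id $zone_id"
    else
        echo "# zone deletion withheld: resolve the KSKs flagged above first"
    fi
}

# Constructed sample input: placeholder zone ID and KSK names.
printf 'ksk_current\tACTIVE\nksk_previous\tINACTIVE\n' | plan_ksk_removal Z0000000EXAMPLE
```

Review the printed plan, then run the commands one at a time, confirming with `aws route53 get-dnssec` that each KSK has gone before deleting the zone.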
