-
Notifications
You must be signed in to change notification settings - Fork 1.7k
/
Copy pathKeyVault.deleteKey.txt
82 lines (51 loc) · 2.07 KB
/
KeyVault.deleteKey.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
.. _keyvault-deletekey-method:
====================
KeyVault.deleteKey()
====================
.. default-domain:: mongodb
.. contents:: On this page
:local:
:backlinks: none
:depth: 1
:class: singlecol
.. method:: KeyVault.deleteKey(UUID)
Deletes a data encryption key with the specified UUID from the key
vault associated to the database connection.
:method:`~KeyVault.deleteKey()` has the following syntax:
.. code-block:: none
keyVault = db.getMongo().getKeyVault()
keyVault.deleteKey(UUID("<UUID String>"))
The :abbr:`UUID (Universally unique identifier)` is a BSON
:bsontype:`binary data <Binary>` object with subtype ``4``.
:returns: A document indicating the number of deleted keys.
Compatibility
-------------
This command is available in deployments hosted in the following
environments:
.. include:: /includes/fact-environments-atlas-only.rst
.. include:: /includes/fact-environments-onprem-only.rst
Behavior
--------
Requires Configuring Client-Side Field Level Encryption on Database Connection
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/extracts/csfle-requires-enabling-encryption.rst
Example
-------
The following example is intended for rapid evaluation of
client-side field level encryption. For specific examples of using
:method:`KeyVault.deleteKey()` with each supported
:abbr:`KMS (Key Management Service)` provider, see
:ref:`field-level-encryption-data-key-delete`.
.. include:: /includes/csfle-connection-boilerplate-example.rst
Retrieve the :method:`KeyVault <getKeyVault()>` object and
use the :method:`KeyVault.deleteKey()` method to
delete the data encryption key with matching ``UUID``:
.. code-block:: javascript
keyVault = encryptedClient.getKeyVault()
keyVault.deleteKey(UUID("b4b41b33-5c97-412e-a02b-743498346079"))
If successful, :method:`~KeyVault.deleteKey()` returns output similar to
the following:
.. code-block:: json
{ "acknowledged" : true, "deletedCount" : 1 }
.. seealso::
:ref:`field-level-encryption-data-key-delete`