GitHubContribute in GitHub: Edit online

Rotating managed keys manually

You can rotate your managed keys on demand by using UKO.

To learn how managed key rotation works, see Managed key rotation.

Rotating managed keys with the web interface

If you prefer to rotate your managed keys by using a graphical interface, you can use the UKO web interface.

Complete the following steps to rotate a key:

  1. Log in to UKO.
  2. Click Managed keys from the navigation to view all the available keys.
  3. Select the key that you want to rotate and click the Actions icon Actions icon to open a list of options for the key.
  4. Click Rotate from the options menu. Alternatively, you can click Show details from the options menu and then click Rotate on the key details page.
  5. Click Rotate key to confirm.

Rotating managed keys with the API

To rotate a managed key through the API, follow these steps:

  1. Retrieve your service and authentication credentials to work with keys in the service.

  2. Rotate a managed key by making a POST call based on the following example:

    curl --location --request POST 'https://<hostname>:<port>/api/v4/managed_keys/<id>/rotate' \
    --header 'Authorization: Bearer <Token>' \
    --header 'Accept: application/json' \
    --header 'If-Match: <ETag|*>'

    Replace the variables in the example request according to the following table.

    Table 1. Variables needed to rotate a managed key
    Variable Description
    port Required. The port number of the API endpoint.
    id Required. The unique identifier for the managed key that you want to rotate.
    Token Required. Your access token that you retrieve in step 1. Include the full contents of the token, including the Bearer value.
    ETag Required. The precondition of the update, which is the value of ETag from the header on a GET request; you can optionally use * to skip checking whether the key has been modified in the meantime

    For detailed instructions and code examples about using the API method, check out the Cloud API reference doc.

    A successful rotation request returns an HTTP 200 OK response, which indicates that your managed key is replaced by the new key material.

What's next