Decommissioning and Destroying a VM

The following procedure describes how to remove a VM from KeyControl Vault when you intend to destroy the VM without accessing any of the encrypted data. After you remove the VM from KeyControl Vault, the VM no longer appears in the KeyControl webGUI and no longer counts against the Cloud VM Limit defined in your KeyControl Vault license.

If you want to remove the VM from KeyControl Vault but retain the data on the VM, see Removing a VM from KeyControl Vault.

1. Log into the KeyControl webGUI using an account with Cloud Admin privileges.
2. In the top menu bar, click Cloud.
3. Click the VMs tab, then select the VM that you want to decommission.
4. Click Actions > Revoke Authentication.

5. Confirm the action at the prompt.

   KeyControl Vault revokes access to the VM and automatically displays the Unauthenticated VMs tab.

   Note: At this point, all of the encryption keys are still stored in KeyControl Vault, and you can restore the VM by selecting it and clicking Actions > Rescue Authentication. If you continue with this procedure, all access to any encrypted data on the VM will be lost when the VM is removed from KeyControl Vault.

6. Select the VM and click Actions > Remove.

   KeyControl Vault removes the VM from its inventory, returns the associated KeyControl Vault license to the license pool, and destroys all encryption keys associated with that VM.

7. Use your hypervisor to delete the VM.