# Delete an AWS CloudHSM key using KMU deleteKey Use the **deleteKey** command in the AWS CloudHSM key\$1mgmt\$1util to delete a key from the hardware security module (HSM) in an AWS CloudHSM cluster. You can only delete one key at a time. Deleting one key in a key pair has no effect on the other key in the pair. Only the key owner can delete a key. Users who share the key can use it in cryptographic operations, but not delete it. Before you run any key\$1mgmt\$1util command, you must [start key\$1mgmt\$1util](key_mgmt_util-setup.md#key_mgmt_util-start) and [log in](key_mgmt_util-log-in.md) to the HSM as a crypto user (CU). ## Syntax ``` deleteKey -h deleteKey -k ``` ## Examples These examples show how to use **deleteKey** to delete keys from your HSMs. **Example : Delete a key** This command deletes the key with key handle `6`. When the command succeeds, **deleteKey** returns success messages from each HSM in the cluster. ``` Command: deleteKey -k 6 Cfm3DeleteKey returned: 0x00 : HSM Return: SUCCESS Cluster Error Status Node id 1 and err state 0x00000000 : HSM Return: SUCCESS Node id 2 and err state 0x00000000 : HSM Return: SUCCESS ``` **Example : Delete a key (failure)** When the command fails because no key has the specified key handle, **deleteKey** returns an invalid object handle error message. ``` Command: deleteKey -k 252126 Cfm3FindKey returned: 0xa8 : HSM Error: Invalid object handle is passed to this operation Cluster Error Status Node id 1 and err state 0x000000a8 : HSM Error: Invalid object handle is passed to this operation Node id 2 and err state 0x000000a8 : HSM Error: Invalid object handle is passed to this operation ``` When the command fails because the current user is not the owner of the key, the command returns an access denied error. ``` Command: deleteKey -k 262152 Cfm3DeleteKey returned: 0xc6 : HSM Error: Key Access is denied. ``` ## Parameters **-h** Displays command line help for the command. Required: Yes **-k** Specifies the key handle of the key to delete. To find the key handles of keys in the HSM, use [findKey](key_mgmt_util-findKey.md). Required: Yes ## Related topics + [findKey](key_mgmt_util-findKey.md)