# Force policy changeawskmsput-key-policy--key-idmrk-c10357313a644d69b4b28b88523ef20c \--policy-name default \--policy file:///tmp/policy.yaml \--bypass-policy-lockout-safety-check{"Id":"key-consolepolicy-3","Version":"2012-10-17","Statement": [{"Sid":"Enable IAM User Permissions","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::<your_own_account>:root"},"Action":"kms:*","Resource":"*"}]}
# Destoy they key material previously imported making the key uselessawskmsdelete-imported-key-material--key-id1234abcd-12ab-34cd-56ef-1234567890ab# Schedule the destoy of a key (min wait time is 7 days)awskmsschedule-key-deletion \--key-id arn:aws:kms:us-west-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab \--pending-window-in-days 7