Hello! We’re using Vault Transit engine to sign/verify JWT tokens. The key is rotating every hour. So we have a lot of versions that are no longer eligible for encrypt/decrypt.
- How can we remove unused version?
- How can we remove a specific key version? What should we do if we suppose that the specific key version is compromised?