Merge pull request #288137 from eak13/main

Updates for console SSH keys (3.14)

Author: prmerger-automator[bot]

articles/operator-nexus/cluster-jsonc-example.md

@@ -108,12 +108,6 @@ ms.custom: template-how-to, devx-track-arm-template
       "metadata": {
         "description": "Secret KeyVault for credential rotation"
       }
-    },
-    "sshKeyUrl": {
-      "type": "string",
-      "metadata": {
-        "description": "SSH Key URL that is used for to gather list of Public Keys"
-      }
     }
   },
   "variables": {},
@@ -341,7 +335,8 @@ ms.custom: template-how-to, devx-track-arm-template
         }
       }
     }
-  ],
+  }
+],
   "outputs": {}
 }
 ```

articles/operator-nexus/cluster-parameters-jsonc-example.md

@@ -9,7 +9,6 @@ ms.date: 05/08/2024
 ms.custom: template-how-to, devx-track-arm-template
 ---
 
-
 # Example of cluster.parameter.jsonc template file.
 
 ```cluster.parameter.jsonc
@@ -51,9 +50,6 @@ ms.custom: template-how-to, devx-track-arm-template
     "secretArchive": {
       "value": "$KV_RESOURCE_ID"
     },
-    "sshKeyUrl": {
-      "value": "https://"
-    },
     "aggregatorOrSingleRack": {
       "value": {
         "networkRackId": "$AGGR_RACK_RESOURCE_ID",

articles/operator-nexus/howto-credential-rotation.md

@@ -4,7 +4,7 @@ description: Describes the credential rotation lifecycle including automated rot
 ms.service: azure-operator-nexus
 ms.custom: template-how-to
 ms.topic: how-to
-ms.date: 03/19/2024
+ms.date: 10/9/2024
 author: eak13
 ms.author: ekarandjeff
 ---
@@ -31,12 +31,13 @@ The Operator Nexus Platform offers a managed credential rotation process that au
 - Baseboard Management Controller (BMC)
 - Pure Storage Array Administrator
 - Console User for emergency access
+- Console User SSH keys for emergency access
 - Local path storage
 
-When a new Cluster is created, the credentials are automatically rotated during deployment. The managed credential process then automatically rotates these credentials every 60 days. The updated credentials are written to the key vault associated with the Cluster resource. The last rotation timestamps are currently not visible to users, but is a planned enhancement to the Operator Nexus Platform.
+When a new Cluster is created, the credentials are automatically rotated during deployment. The managed credential process then automatically rotates these credentials periodically based on the credential type. The updated credentials are written to the key vault associated with the Cluster resource. With the 2024-07-01-GA API, the credential rotation status is available on the Bare Metal Machine or Storage Appliance resources in the `secretRotationStatus` data construct for each of the rotated credentials.
 
 > [!NOTE]
-> The introduction of this capability enables auto-rotation for existing instances. If any of the supported credentials have not been rotated within the last 60 days, they will be rotated at the time of upgrade.
+> The introduction of this capability enables auto-rotation for existing instances. If any of the supported credentials have not been rotated within the expected rotation time period, they will be rotated during the management upgrade.
 
 Operator Nexus also provides a service for preemptive rotation of the above Platform credentials. This service is available to customers upon request through a support ticket. Credential rotation for Operator Nexus Fabric devices also requires a support ticket. Instructions for generating a support request are described in the next section.