added deprecation warning in non-restricted rde for restricted commands

Author: Eduardo Rivera (eduardori)

articles/operator-nexus/howto-baremetal-run-data-extract.md

@@ -74,6 +74,9 @@ The current list of supported commands are
   - `TTYLog` - Storage TTYLog data
   - `Debug` - debug logs
 
+> [!WARNING]
+> As of the `v20250701preview` API version and above, this command will no longer be supported by the non-restricted `run-data-extract` command. To run `mde-agent-information`, See [Executing a run-data-extracts-restricted Command](#Executing-a-run-data-extracts-restricted-Command)
+
 - [Collect Microsoft Defender for Endpoints (MDE) agent information](#collect-mde-agent-information)\
   Command Name: `mde-agent-information`\
   Arguments: None
@@ -86,6 +89,9 @@ The current list of supported commands are
   Command Name: `hardware-rollup-status`\
   Arguments: None
 
+> [!WARNING]
+> As of the `v20250701preview` API version and above, this command will no longer be supported by the non-restricted `run-data-extract` command. To run `cluster-cve-report`, See [Executing a run-data-extracts-restricted Command](#Executing-a-run-data-extracts-restricted-Command)
+
 - [Generate Cluster Common Vulnerabilities and Exposures (CVE) Report](#generate-cluster-cve-report)\
   Command Name: `cluster-cve-report`\
   Arguments: None
@@ -714,6 +720,13 @@ The command provides a link (if using cluster manager storage) or another comman
 
 ## Executing a run-data-extracts-restricted Command
 
+### Prerequisites
+* minimum supported API of v20250701preview` or `v20250901` and above
+* Storage Blob Container has been configured
+* The target bare metal machine is on and ready.
+* The syntax for these commands is based on the <TODO: need to confirm az networkcloud CLI version>+ version of the az networkcloud CLI.
+* Get the Cluster Managed Resource group name (cluster_MRG) that you created for Cluster resource.
+
 The `run-data-extracts-restricted` command functionality mirrors non-restricted run-data-extracts command and includes fine-grained access control via RBAC (Role-Based Access Control). It allows customers to run sensitive data extraction operations on BareMetalMachines with elevated privileges.
 
 The `run-data-extracts-restricted` is implemented as a new and separate API action. The action is to be introduced in the `v20250701preview` and `v20250901` GA API, and is designed to mirror the behavior of the original command but with restricted access to specific sub-commands.The following list contains the allowed sub commands for`run-data-extracts-restricted`:
@@ -726,13 +739,6 @@ The `run-data-extracts-restricted` is implemented as a new and separate API acti
   Command Name: `cluster-cve-report`\
   Arguments: None
 
-## Prerequisites
-* minimum supported API of v20250701preview` or `v20250901` and above
-* Storage Blob Container has been configured
-* The target bare metal machine is on and ready.
-* The syntax for these commands is based on the <TODO: need to confirm az networkcloud cli version>+ version of the az networkcloud CLI.
-* Get the Cluster Managed Resource group name (cluster_MRG) that you created for Cluster resource.
-
 Command execution can be performed using `az networkcloud baremetalmachine run-data-extracts-restricted` and it accepts arguments similarly to the `run-data-extract`.
 
 **Example**
@@ -747,8 +753,5 @@ az networkcloud baremetalmachine run-data-extracts-restricted --name "<machine-n
 ```
 
 
-[{"arguments":["--min-severity=8"],"command":"cluster-cve-report"}]' --output-directory ~/tmp
-
-
 ### Storage and Output
 Output from run command executions are by default stored in the blob container defined by the `commandOutputSettings`. Override of the `commandOutputSettings` value is supported per command output type (i.e.BareMetalMachineRunDataExtractsRestricted). For how to specify the commandOutputSettings override for runcommand see [Azure Operator Nexus Cluster support for managed identities and user provided resources](./howto-cluster-managed-identity-user-provided-resources.md).