Configure secret rotations

This page lists the resources for information on how to set up and configure secret rotations for Google Distributed Cloud (GDC) air-gapped appliance.

  1. BM SSH keys and certificate: PLATAUTH-G0003
  2. Chassis certificate, username and password rotation: APPL-G0001
  3. Changing the iLO username and password for Baseboard Management Controller (BMC) and chassis:
    1. Integrated Lights-Out (iLO) credential rotation: SERV P0002
    2. BMC certificate rotation: SERV P0003
    3. Ironic certificate rotation: SERV P0004
  4. Harbor:
    1. In-cluster Harbor admin credentials rotation: SAR-R2001
    2. Harbor robot account credentials rotation: SAR-R2003
    3. Rotating SAR certificates: SAR-T0001
    4. Rotating Harbor components credentials: SAR-T0002
  5. Identity provider secrets rotation:
    1. Keycloak: IAM-T0001
  6. Object storage:
    1. Object storage credentials.
    2. Disk encryption keys.
    3. Storage authentication keys and certificates.
  7. Physical networking (PNET):
    1. Switch credentials: gdcloud appliance rotate switch-credentials
    2. Switch certificate: gdcloud appliance rotate switch-certificate

To access the runbooks in the IO tools container, see Set up the IO tools to access runbooks