Stay organized with collections
Save and categorize content based on your preferences.
Google Distributed Cloud (GDC) air-gapped appliance has a software-defined storage
provider with its own authentication system where each identity (core service or
client) has an associated name and a key.
This document describes the steps to rotate the authentication keys that must be performed
for:
regularly scheduled key rotation to ensure that the device is compliant and
secure.
key exposure. You should rotate the exposed key as soon as possible.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud (GDC) air-gapped appliance utilizes a software-defined storage provider with its own authentication system for core services and clients.\u003c/p\u003e\n"],["\u003cp\u003eAuthentication keys for the GDC air-gapped appliance should be rotated regularly for security and compliance.\u003c/p\u003e\n"],["\u003cp\u003eExposed authentication keys for the GDC air-gapped appliance must be rotated immediately.\u003c/p\u003e\n"],["\u003cp\u003eKey rotation for GDC air-gapped appliance requires SSH access to the three nodes and \u003ccode\u003ekubectl\u003c/code\u003e access to the root admin cluster.\u003c/p\u003e\n"]]],[],null,["# Rotate storage authentication keys\n\nGoogle Distributed Cloud (GDC) air-gapped appliance has a software-defined storage provider with its own authentication system where each identity (core service or client) has an associated name and a key.\n\nThis document describes the steps to rotate the authentication keys that must be performed\nfor:\n\n- regularly scheduled key rotation to ensure that the device is compliant and secure.\n- key exposure. You should rotate the exposed key as soon as possible.\n\nBefore you begin\n----------------\n\nComplete the following steps:\n\n1. You meet the [laptop prerequisites](/distributed-cloud/hosted/docs/latest/appliance/admin/laptop).\n2. You are able to SSH into the three nodes and execute software-defined storage CLI commands.\n3. You are able to log as admin in to the root admin cluster via `kubectl`.\n\nKey locations\n-------------\n\nContent restricted to approved operating partners. Contact your account manager for access to this page.\n\n\u003cbr /\u003e"]]