Add audit event about SSH key expiration
Problem to solve
After adding an optional expiration date for SSH keys, we will need to provide functionality that provides credential management to Administrators
and Group Owners
. When a compliance-minded organization needs to implement credential rotation, they need two things: visibility and enforcement capabilities.
Additional details
#36243 (closed) provides a way for Users
to optionally set their own SSH key expiration dates. This issue will need to improve the experience for managing those credentials by Group Owners
and Administrators
.
An expired SSH key should not completely halt an individual's productivity, but customers should also have some flexibility in defining this behavior.
Proposal
Generate an audit event for the SSH key expiration and notify the User
. Group Owners
and Administrators
should be notified about expiry by providing a visual indicator in the credential inventory.