[Sftp] Add module help page (#28606)

Author: VeryEarly

src/Sftp/Sftp/Az.Sftp.psd1

@@ -109,7 +109,7 @@ PrivateData = @{
         # ReleaseNotes of this module
         ReleaseNotes = '* Initial release of Az.Sftp module providing Azure Storage SFTP support
 * Connect-AzSftp: Establish SFTP connections to Azure Storage accounts with multiple authentication modes
-* New-AzSftpCertificate: Generate SSH certificates using Azure AD credentials for SFTP authentication
+* New-AzSftpCertificate: Generate SSH certificates using Microsoft Entra credentials for SFTP authentication
 * Support for automatic certificate generation, certificate-based authentication, and key-based authentication
 * Cross-platform support for Windows, Linux, and macOS
 * Integration with Azure PowerShell authentication context'

src/Sftp/Sftp/CHANGELOG.md

@@ -20,7 +20,7 @@
 
 ## Upcoming Release
 * Initial release of Az.Sftp module
-* Added `New-AzSftpCertificate` cmdlet for generating SSH certificates using Azure AD credentials
+* Added `New-AzSftpCertificate` cmdlet for generating SSH certificates using Microsoft Entra credentials
     - Automatic SSH key pair generation
     - Certificate generation for existing public keys
     - Support for custom certificate paths

src/Sftp/Sftp/Models/PSCertificateInfo.cs

@@ -47,7 +47,7 @@ public class PSCertificateInfo
         public DateTime? ValidUntil { get; set; }
 
         /// <summary>
-        /// Azure AD principal used for certificate generation
+        /// Microsoft Entra principal used for certificate generation
         /// </summary>
         public string Principal { get; set; }
 

src/Sftp/Sftp/README.md

@@ -2,7 +2,7 @@
 This module provides PowerShell cmdlets for securely connecting to Azure Storage accounts using SFTP (SSH File Transfer Protocol).
 
 ## Overview
-Az.Sftp enables you to establish secure SFTP connections to Azure Storage accounts with hierarchical namespace enabled. The module supports multiple authentication modes including automatic Azure AD certificate generation.
+Az.Sftp enables you to establish secure SFTP connections to Azure Storage accounts with hierarchical namespace enabled. The module supports multiple authentication modes including automatic Microsoft Entra certificate generation.
 
 ## Requirements
 - Azure Storage account with SFTP enabled
@@ -20,7 +20,7 @@ Install-Module -Name Az.Sftp
 # Connect to Azure
 Connect-AzAccount
 
-# Connect to storage account using Azure AD authentication
+# Connect to storage account using Microsoft Entra authentication
 Connect-AzSftp -StorageAccount "mystorageaccount"
 ```
 

src/Sftp/Sftp/SftpCommands/ConnectAzSftpCommand.cs

@@ -52,7 +52,7 @@ public class ConnectAzSftpCommand : SftpBaseCmdlet
         public int? Port { get; set; }
 
         [Parameter(Mandatory = false, ParameterSetName = DefaultParameterSet, HelpMessage = "Path to SSH certificate file for authentication. If not provided, a certificate will be generated automatically.")]
-        [Parameter(Mandatory = true, ParameterSetName = CertificateAuthParameterSet, HelpMessage = "Path to SSH certificate file for authentication. Must be generated with New-AzSftpCertificate or compatible Azure AD certificate.")]
+        [Parameter(Mandatory = true, ParameterSetName = CertificateAuthParameterSet, HelpMessage = "Path to SSH certificate file for authentication. Must be generated with New-AzSftpCertificate or compatible Microsoft Entra certificate.")]
         [ValidateNotNullOrEmpty]
         public string CertificateFile { get; set; }
 
@@ -67,7 +67,7 @@ public class ConnectAzSftpCommand : SftpBaseCmdlet
         [ValidateNotNullOrEmpty]
         public string PublicKeyFile { get; set; }
 
-        [Parameter(Mandatory = true, ParameterSetName = LocalUserAuthParameterSet, HelpMessage = "Username for a local user configured on the storage account. When specified, uses local user authentication instead of Azure AD.")]
+        [Parameter(Mandatory = true, ParameterSetName = LocalUserAuthParameterSet, HelpMessage = "Username for a local user configured on the storage account. When specified, uses local user authentication instead of Microsoft Entra.")]
         [ValidateNotNullOrEmpty]
         public string LocalUser { get; set; }
 
@@ -114,10 +114,10 @@ protected override void ProcessRecord()
             switch (ParameterSetName)
             {
                 case DefaultParameterSet:
-                    // Azure AD authentication (automatic certificate generation)
+                    // Microsoft Entra authentication (automatic certificate generation)
                     if (string.IsNullOrEmpty(CertificateFile) && string.IsNullOrEmpty(PublicKeyFile) && string.IsNullOrEmpty(PrivateKeyFile))
                     {
-                        WriteVerbose("Fully managed mode: No credentials provided, using Azure AD authentication");
+                        WriteVerbose("Fully managed mode: No credentials provided, using Microsoft Entra authentication");
                         autoGenerateCert = true;
                         deleteCert = true;
                         deleteKeys = true;
@@ -132,7 +132,7 @@ protected override void ProcessRecord()
                     }
                     else
                     {
-                        WriteVerbose("Using provided keys for Azure AD certificate generation");
+                        WriteVerbose("Using provided keys for Microsoft Entra certificate generation");
                         autoGenerateCert = true;
                         deleteCert = true;
                     }
@@ -155,7 +155,7 @@ protected override void ProcessRecord()
                     }
 
                     Host.UI.WriteLine(ConsoleColor.Blue, Host.UI.RawUI.BackgroundColor,
-                                    autoGenerateCert ? "Generating temporary credentials using Azure AD authentication..."
+                                    autoGenerateCert ? "Generating temporary credentials using Microsoft Entra authentication..."
                                                     : "Using provided certificate for authentication...");
                     break;
 

src/Sftp/Sftp/SftpCommands/NewAzSftpCertificateCommand.cs

@@ -23,7 +23,7 @@
 namespace Microsoft.Azure.PowerShell.Cmdlets.Sftp.SftpCommands
 {
     /// <summary>
-    /// Generate SSH certificate for SFTP authentication using Azure AD
+    /// Generate SSH certificate for SFTP authentication using Microsoft Entra
     /// </summary>
     [Cmdlet(VerbsCommon.New, "AzSftpCertificate", DefaultParameterSetName = DefaultParameterSet, SupportsShouldProcess = true)]
     [OutputType(typeof(PSCertificateInfo))]
@@ -43,12 +43,12 @@ public class NewAzSftpCertificateCommand : SftpBaseCmdlet
         [Alias("OutputFile", "o")]
         public string CertificatePath { get; set; }
 
-        [Parameter(Mandatory = true, ParameterSetName = FromPublicKeyParameterSet, HelpMessage = "Path to existing SSH public key file for which to generate a certificate using Azure AD.")]
+        [Parameter(Mandatory = true, ParameterSetName = FromPublicKeyParameterSet, HelpMessage = "Path to existing SSH public key file for which to generate a certificate using Microsoft Entra.")]
         [ValidateNotNullOrEmpty]
         [Alias("p")]
         public string PublicKeyFile { get; set; }
 
-        [Parameter(Mandatory = true, ParameterSetName = FromPrivateKeyParameterSet, HelpMessage = "Path to existing SSH private key file. The corresponding public key will be used to generate a certificate using Azure AD.")]
+        [Parameter(Mandatory = true, ParameterSetName = FromPrivateKeyParameterSet, HelpMessage = "Path to existing SSH private key file. The corresponding public key will be used to generate a certificate using Microsoft Entra.")]
         [Parameter(Mandatory = false, ParameterSetName = DefaultParameterSet, HelpMessage = "Path to existing SSH private key file. If provided, uses the corresponding public key for certificate generation.")]
         [Parameter(Mandatory = false, ParameterSetName = LocalUserParameterSet, HelpMessage = "Path to existing SSH private key file for local user certificate generation.")]
         [ValidateNotNullOrEmpty]
@@ -72,7 +72,7 @@ protected override void ProcessRecord()
 
             string target = !string.IsNullOrEmpty(LocalUser) 
                 ? $"SSH certificate for local user '{LocalUser}'" 
-                : "SSH certificate for Azure AD authentication";
+                : "SSH certificate for Microsoft Entra authentication";
 
             if (!ShouldProcess(target, 
                               $"Do you want to create {target}?",
@@ -197,7 +197,7 @@ protected override void ProcessRecord()
                 // Check for cancellation before authentication
                 CmdletCancellationToken.ThrowIfCancellationRequested();
 
-                // Use different authentication method for local user vs Azure AD
+                // Use different authentication method for local user vs Microsoft Entra
                 string certFile;
                 string username;
 
@@ -212,7 +212,7 @@ protected override void ProcessRecord()
                 }
                 else
                 {
-                    // Standard Azure AD authentication
+                    // Standard Microsoft Entra authentication
                     var (cf, un) = FileUtils.GetAndWriteCertificate(
                         DefaultContext, actualPublicKeyFile, CertificatePath, SshClientFolder, CmdletCancellationToken);
                     certFile = cf;

src/Sftp/Sftp/UX/Microsoft.Storage/sftp.json

@@ -31,7 +31,7 @@
       },
       "examples": [
         {
-          "description": "Connect to Azure Storage SFTP with automatic Azure AD authentication.",
+          "description": "Connect to Azure Storage SFTP with automatic Microsoft Entra authentication.",
           "parameters": [
             {
               "name": "-StorageAccount",
@@ -77,7 +77,7 @@
     },
     {
       "name": "New-AzSftpCertificate",
-      "description": "Generate SSH certificates for Azure Storage SFTP authentication using Azure AD credentials.",
+      "description": "Generate SSH certificates for Azure Storage SFTP authentication using Microsoft Entra credentials.",
   "path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{certificatePath}",
       "help": {
         "learnMore": {

src/Sftp/Sftp/help/Az.Sftp.md

@@ -0,0 +1,19 @@
+---
+Module Name: Az.Sftp
+Module Guid: a1832bbb-ec22-4694-9450-cdf6ee642705
+Download Help Link: https://learn.microsoft.com/powershell/module/az.sftp
+Help Version: 0.0.1.0
+Locale: en-US
+---
+
+# Az.Sftp Module
+## Description
+SFTP module for Azure Storage. Provides cmdlets to generate SSH certificates and establish secure SFTP connections to Azure Storage accounts with hierarchical namespace enabled. For more information on Azure Storage SFTP support, please visit: https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support
+
+## Az.Sftp Cmdlets
+### [Connect-AzSftp](Connect-AzSftp.md)
+Starts an interactive SFTP session to an Azure Storage Account.
+Users can login using Microsoft Entra accounts, or local user accounts via standard SSH authentication. Use Microsoft Entra account login for the best security and convenience.
+
+### [New-AzSftpCertificate](New-AzSftpCertificate.md)
+Generate SSH certificates for SFTP authentication using Microsoft Entra credentials.

src/Sftp/Sftp/help/Connect-AzSftp.md

@@ -43,7 +43,7 @@ Connect-AzSftp -StorageAccount <String> [-Port <Int32>] -LocalUser <String> [-Pr
 ## DESCRIPTION
 Start interactive SFTP session to an Azure Storage Account.
 Users can login using Microsoft Entra issued certificates or using local user credentials. We recommend login using Microsoft Entra issued certificates when possible.
-The target storage account must have SFTP enabled and hierarchical namespace (HNS) enabled. For Azure AD authentication, your Azure AD identity must have appropriate RBAC permissions such as Storage Blob Data Contributor or Storage Blob Data Owner.
+The target storage account must have SFTP enabled and hierarchical namespace (HNS) enabled. For Microsoft Entra authentication, your Microsoft Entra identity must have appropriate RBAC permissions such as Storage Blob Data Contributor or Storage Blob Data Owner.
 
 ## EXAMPLES
 
@@ -106,7 +106,7 @@ Connect-AzSftp -StorageAccount "mystorageaccount" -PrivateKeyFile "C:\keys\id_rs
 
 ### Example 10: Troubleshoot authentication issues
 ```powershell
-# Check Azure AD authentication status
+# Check Microsoft Entra authentication status
 Get-AzContext
 
 # Test certificate generation explicitly

src/Sftp/Sftp/help/New-AzSftpCertificate.md

@@ -8,7 +8,7 @@ schema: 2.0.0
 # New-AzSftpCertificate
 
 ## SYNOPSIS
-Generate SSH certificates for SFTP authentication using Azure AD credentials.
+Generate SSH certificates for SFTP authentication using Microsoft Entra credentials.
 
 ## SYNTAX
 
@@ -37,19 +37,19 @@ New-AzSftpCertificate [-CertificatePath <String>] -LocalUser <String> [-PrivateK
 ```
 
 ## DESCRIPTION
-The New-AzSftpCertificate cmdlet generates SSH certificates for SFTP authentication using your current Azure AD credentials. This cmdlet provides the same authentication methods and parameter sets as the Az.Ssh module, ensuring consistency across Azure PowerShell modules.
+The New-AzSftpCertificate cmdlet generates SSH certificates for SFTP authentication using your current Microsoft Entra credentials. This cmdlet provides the same authentication methods and parameter sets as the Az.Ssh module, ensuring consistency across Azure PowerShell modules.
 
 The cmdlet supports four authentication modes that align with the SSH module:
 
-**Default Mode (Azure AD Authentication)**: When no specific key files are provided, the cmdlet automatically generates a new SSH key pair and creates a certificate signed by Azure AD's trusted CA. This is the simplest approach for getting started with SFTP authentication.
+**Default Mode (Microsoft Entra Authentication)**: When no specific key files are provided, the cmdlet automatically generates a new SSH key pair and creates a certificate signed by Microsoft Entra's trusted CA. This is the simplest approach for getting started with SFTP authentication.
 
-**FromPublicKey Mode**: When a public key file is provided, the cmdlet generates a certificate for that specific key using Azure AD credentials. This is useful when you already have SSH public keys and want to use them for Azure Storage SFTP access.
+**FromPublicKey Mode**: When a public key file is provided, the cmdlet generates a certificate for that specific key using Microsoft Entra credentials. This is useful when you already have SSH public keys and want to use them for Azure Storage SFTP access.
 
-**FromPrivateKey Mode**: When a private key file is provided, the cmdlet generates the corresponding public key and creates a certificate using Azure AD credentials. This is helpful when you have existing private keys and want to create certificates for them.
+**FromPrivateKey Mode**: When a private key file is provided, the cmdlet generates the corresponding public key and creates a certificate using Microsoft Entra credentials. This is helpful when you have existing private keys and want to create certificates for them.
 
 **LocalUser Mode**: When a local user is specified, the cmdlet generates a certificate suitable for local user authentication on storage accounts. This can be combined with existing private keys or generate new ones, matching the SSH module's local user certificate capabilities.
 
-The generated certificates are typically valid for 1 hour and can be used with any SFTP client that supports SSH certificate authentication. The certificates are signed by Azure AD's trusted CA and will be accepted by Azure Storage accounts where your Azure AD identity has appropriate permissions.
+The generated certificates are typically valid for 1 hour and can be used with any SFTP client that supports SSH certificate authentication. The certificates are signed by Microsoft Entra's trusted CA and will be accepted by Azure Storage accounts where your Microsoft Entra identity has appropriate permissions.
 
 You must be signed in to Azure with an account that has appropriate RBAC permissions (such as Storage Blob Data Contributor or Storage Blob Data Owner) on the target storage accounts.
 
@@ -60,7 +60,7 @@ You must be signed in to Azure with an account that has appropriate RBAC permiss
 New-AzSftpCertificate
 ```
 
-This command generates a new SSH key pair and creates a certificate signed by Azure AD. The key pair and certificate are saved in the system temp directory with auto-generated filenames. This is the simplest way to get started with SFTP authentication.
+This command generates a new SSH key pair and creates a certificate signed by Microsoft Entra. The key pair and certificate are saved in the system temp directory with auto-generated filenames. This is the simplest way to get started with SFTP authentication.
 
 ### Example 2: Generate certificate with custom path
 ```powershell
@@ -74,7 +74,7 @@ This command generates a new SSH key pair and creates a certificate, saving the
 New-AzSftpCertificate -PrivateKeyFile "C:\keys\id_rsa" -CertificatePath "C:\certs\id_rsa.cert"
 ```
 
-This command generates a certificate from an existing SSH private key. The cmdlet will automatically derive the public key from the private key and create a certificate signed by Azure AD. This is useful when you have existing private keys and want to create certificates for them.
+This command generates a certificate from an existing SSH private key. The cmdlet will automatically derive the public key from the private key and create a certificate signed by Microsoft Entra. This is useful when you have existing private keys and want to create certificates for them.
 
 ### Example 4: Generate certificate from existing public key
 ```powershell