Merge "Content moved to Keystone Account Password Rules (r6)"

doc/source/security/openstack/index-security-os-a2375141dcc2.rst

@@ -19,7 +19,6 @@ Keystone Accounts
    openstack-keystone-accounts
    security-system-account-password-rules
    openstack-login-protection
-   update-keystone-service-bb6a67e18d36
 
 -----------------
 Access the system

doc/source/security/openstack/security-system-account-password-rules.rst

@@ -8,7 +8,7 @@ Keystone Account Password Rules
 
 |prod-os| enforces a set of strength requirements for new or changed passwords.
 
-The following rules apply:
+By default, the following rules apply:
 
 
 .. _security-system-account-password-rules-ul-jwb-g15-zw:
@@ -28,5 +28,40 @@ The following rules apply:
 
     -   at least one special character
 
+The Keystone service can be configured to use customized password rules. For
+more information, see the keystone documentation: `Configuring password
+strength requirements
+<https://docs.openstack.org/keystone/ussuri/admin/configuration.html#configuring-password-strength-requirements>`__.
 
+The steps below can be used as a reference to update the Keystone service via
+``helm-override`` to customize the password rules and their description.
+
+#.  Create the yaml override file with the following contents:
+
+    .. code-block:: none
+
+        conf:
+            keystone:
+                security_compliance:
+                    password_regex: ^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()<>{}+=_\\\[\]\-?|~`,.;:]).{12,}$
+                    password_regex_description: Password must have a minimum length of 12 characters, and must contain at least 1 upper case, 1 lower case, 1 digit, and 1 special character
+                    unique_last_password_count = 5
+
+#.  Update the Keystone helm overrides.
+
+    .. parsed-literal::
+
+        system helm-override-update |prefix|-openstack keystone openstack --reuse-values --values keystone-password-override.yaml
+
+#.  Apply the new overrides.
+
+    .. parsed-literal::
+
+        system application-apply |prefix|-openstack
+
+#.  Wait for apply to complete.
+
+    .. code-block:: none
+
+        watch system application-list
 

doc/source/security/openstack/update-keystone-service-bb6a67e18d36.rst

@@ -1,38 +0,0 @@
-.. _update-keystone-service-bb6a67e18d36:
-
-=======================
-Update Keystone Service
-=======================
-
-.. rubric:: |context|
-
-The Keystone service can be configured to use customized regular expressions
-for password validation. For more information, see the keystone documentation:
-`Configuring password strength requirements
-<https://docs.openstack.org/keystone/ussuri/admin/configuration.html#configuring-password-strength-requirements>`__.
-
-
-.. rubric:: |proc|
-
-The steps below can be used as a reference to update the Keystone service via
-``helm-override`` to customize the password validation regular expression and
-description.
-
-Create the override file and update the keystone service.
-
-#.  Create the yaml override with the following contents:
-
-    .. code-block:: none
-
-        conf:
-            keystone:
-                security_compliance:
-                    password_regex: ^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()<>{}+=_\\\[\]\-?|~`,.;:]).{12,}$
-                    password_regex_description: Password must have a minimum length of 12 characters, and must contain at least 1 upper case, 1 lower case, 1 digit, and 1 special character
-
-#.  Apply the override:
-
-    .. parsed-literal::
-
-        system helm-override-update |prefix|-openstack keystone openstack --reuse-values --values keystone-password-override.yaml
-