diff --git a/doc/source/security/openstack/index-security-os-a2375141dcc2.rst b/doc/source/security/openstack/index-security-os-a2375141dcc2.rst index 548019c20..297ecfadf 100644 --- a/doc/source/security/openstack/index-security-os-a2375141dcc2.rst +++ b/doc/source/security/openstack/index-security-os-a2375141dcc2.rst @@ -19,6 +19,7 @@ Keystone Accounts openstack-keystone-accounts security-system-account-password-rules openstack-login-protection + update-keystone-service-bb6a67e18d36 ----------------- Access the system diff --git a/doc/source/security/openstack/update-keystone-service-bb6a67e18d36.rst b/doc/source/security/openstack/update-keystone-service-bb6a67e18d36.rst new file mode 100644 index 000000000..30d9c985d --- /dev/null +++ b/doc/source/security/openstack/update-keystone-service-bb6a67e18d36.rst @@ -0,0 +1,38 @@ +.. _update-keystone-service-bb6a67e18d36: + +======================= +Update Keystone Service +======================= + +.. rubric:: |context| + +The Keystone service can be configured to use customized regular expressions +for password validation. For more information, see the keystone documentation: +`Configuring password strength requirements +`__. + + +.. rubric:: |proc| + +The steps below can be used as a reference to update the Keystone service via +``helm-override`` to customize the password validation regular expression and +description. + +Create the override file and update the keystone service. + +#. Create the yaml override with the following contents: + + .. code-block:: none + + conf: + keystone: + security_compliance: + password_regex: ^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()<>{}+=_\\\[\]\-?|~`,.;:]).{12,}$ + password_regex_description: Password must have a minimum length of 12 characters, and must contain at least 1 upper case, 1 lower case, 1 digit, and 1 special character + +#. Apply the override: + + .. parsed-literal:: + + system helm-override-update |prefix|-openstack keystone openstack --reuse-values --values keystone-password-override.yaml +