Add latest changes from gitlab-org/gitlab@master

1 files changed, 36 insertions, 17 deletions

diff --git a/doc/user/admin_area/settings/package_registry_rate_limits.md b/doc/user/admin_area/settings/package_registry_rate_limits.md
index 6e7b9b0da30..1aeb011d880 100644
--- a/doc/user/admin_area/settings/package_registry_rate_limits.md
+++ b/doc/user/admin_area/settings/package_registry_rate_limits.md
@@ -7,28 +7,47 @@ type: reference
 
 # Package Registry Rate Limits **(FREE SELF)**
 
-Rate limiting is a common technique used to improve the security and durability of a web
-application. For more details, see [Rate limits](../../../security/rate_limits.md). General user and
-IP rate limits can be enforced from the top bar at
-**Menu > Admin > Settings > Network > User and IP rate limits**.
-For more details, see [User and IP rate limits](user_and_ip_rate_limits.md).
-
 With the [GitLab Package Registry](../../packages/package_registry/index.md),
 you can use GitLab as a private or public registry for a variety of common package managers. You can
 publish and share packages, which others can consume as a dependency in downstream projects through
 the [Packages API](../../../api/packages.md).
 
-When downloading such dependencies in downstream projects, many requests are made through the
-Packages API. You may therefore reach enforced user and IP rate limits. To address this issue, you
-can define specific rate limits for the Packages API in
-**Menu > Admin > Settings > Network > Package Registry Rate Limits**:
+If downstream projects frequently download such dependencies, many requests are made through the
+Packages API. You may therefore reach enforced [user and IP rate limits](user_and_ip_rate_limits.md).
+To address this issue, you can define specific rate limits for the Packages API:
+
+- [Unauthenticated requests (per IP)](#enable-unauthenticated-request-rate-limit-for-packages-api).
+- [Authenticated API requests (per user)](#enable-authenticated-api-request-rate-limit-for-packages-api).
+
+These limits are disabled by default.
+
+When enabled, they supersede the general user and IP rate limits for requests to
+the Packages API. You can therefore keep the general user and IP rate limits, and
+increase the rate limits for the Packages API. Besides this precedence, there is
+no difference in functionality compared to the general user and IP rate limits.
+
+## Enable unauthenticated request rate limit for packages API
+
+To enable the unauthenticated request rate limit:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**, and expand **Package registry rate limits**.
+1. Select **Enable unauthenticated request rate limit**.
+
+   - Optional. Update the **Maximum unauthenticated requests per rate limit period per IP** value.
+     Defaults to `800`.
+   - Optional. Update the **Unauthenticated rate limit period in seconds** value.
+     Defaults to `15`.
+
+## Enable authenticated API request rate limit for packages API
 
-- Unauthenticated Packages API requests
-- Authenticated Packages API requests
+To enable the authenticated API request rate limit:
 
-These limits are disabled by default. When enabled, they supersede the general user and IP rate
-limits for requests to the Packages API. You can therefore keep the general user and IP rate limits,
-and increase (if necessary) the rate limits for the Packages API.
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**, and expand **Package registry rate limits**.
+1. Select **Enable authenticated API request rate limit**.
 
-Besides this precedence, there are no differences in functionality compared to the general user and
-IP rate limits. For more details, see [User and IP rate limits](user_and_ip_rate_limits.md).
+   - Optional. Update the **Maximum authenticated API requests per rate limit period per user** value.
+     Defaults to `1000`.
+   - Optional. Update the **Authenticated API rate limit period in seconds** value.
+     Defaults to `15`.