I have a task with two steps
I found the file I need to update it is under : /opt/splunk/etc/system/local/authentication.conf, I can create an APP folder on deployer such as /opt/splunk/etc/shcluster/apps/EXAMPLE_PASSWORD_COMPLEXITY_APP
How do I rout that the file inside updates the file in /opt/splunk/etc/system/local/authentication.conf
And on point 2. if anyone has the API Call to update SH password for local account I woul appreciate it .
you cannot push anything from deployer to SHC's members .../etc/system/local.
The correct way it use separate app for SHC generic configurations and put those there. Then you must remove everything what has added via GUI from .../etc/system/local/authentication.conf. You could try to clean your local changes by GUI and check if those are removed from fs. If not then the last option is stop your SHC and then remove those by hand from files one by one.
When you have SHC or actually any other SH the best practices is use e.g. AD or any SAML authentication to manage your users in any corporate environments. Then you should have this kind of policies implemented already on your master IDM system.
You could change password e.g. like this https://community.splunk.com/t5/Getting-Data-In/how-to-change-user-password-using-rest-url-without-u... Just replace localhost with your SHC REST api address.