Merge branch 'main' into rseldner-patch-1

Author: rseldner

.github/ISSUE_TEMPLATE/internal-request.yaml

@@ -63,7 +63,9 @@ body:
         - 'N/A'
         - '8.17'
         - '8.18'
+        - '8.19'
         - '9.0'
+        - '9.1'
       default: 0
     validations:
       required: true

.github/ISSUE_TEMPLATE/ui-copy-request.yaml

@@ -0,0 +1,81 @@
+name: "UI copy request"
+description: Submit a UI copy-related request to the documentation team.
+title: "[UI copy]: "
+labels: "ui-copy"
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Hello! Use this form to submit a UI copy related request to Elastic's documentation team. You should also directly contact the specific writer or docs team that's responsibile for the applicable part of the product, especially for time-sensitive requests. 
+        > [!WARNING]  
+        > THIS IS A PUBLIC REPO. DO NOT INCLUDE SENSITIVE INFORMATION HERE.
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: Summarize your request here. What is the work and how can we help? Do we need to write new copy, or edit existing copy? Feel free to include screenshots.
+      placeholder: |
+        What: We're introducing new feature A. We need a writer to review the UI copy.
+        When: This feature will launch at the completion of project B.
+        Why: This feature will make X, Y, and Z easier for the user.
+    validations:
+      required: true
+  - type: textarea
+    id: related
+    attributes:
+      label: Related links / assets
+      description: Where can the documentation team learn more about this feature?
+      value: |
+        Please include each of the following, if applicable:
+        Figma link(s):
+        Github epic link(s):
+        Github issue link(s):
+        How to find the text in a production environment:
+        Testing environment information:
+        NOTE: To keep sensitive information such as credentials secure, do not include it in this form.
+    validations:
+      required: true
+  - type: dropdown
+    id: product-area
+    attributes:
+      label: Which product area does this mainly concern?
+      options:
+        - Cloud UI
+        - Search solution
+        - Observability solution
+        - Security solution
+        - Kibana Analytics (Discover, Dashboards...)
+        - Kibana Management
+        - Something else
+      default: 0
+    validations:
+      required: true
+  - type: textarea
+    id: collaborators
+    attributes:
+      label: Collaborators
+      description: Please include contact information for the responsible product manager, designer, and developer.
+      value: |
+        PM:
+        Designer: 
+        Developer:
+        Others (if applicable):
+    validations:
+      required: true
+  - type: textarea
+    id: timeline
+    attributes:
+      label: Timeline / deliverables
+      description: When would it be ideal for for us to complete the request? What deliverables do you need, and when? If applicable, how do the release timelines for this feature differ between serverless / stateful? 
+      placeholder: |
+        For example:
+
+        We need a final draft of the new UI copy no later than December 5, ideally by December 1. No differences between serverless/ESS. 
+
+        This is an urgent request, it would be great to have updated copy for A and B ASAP, since the original copy is already in production. No differences between serverless/ESS. 
+    validations:
+      required: true
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for submitting this issue! We'll be in contact shortly. 

cloud-account/multifactor-authentication.md

@@ -8,23 +8,19 @@ applies:
 
 # Multifactor authentication [ec-account-security-mfa]
 
-If you use a password-based login, Elastic requires you to enable multifactor authentication (MFA) for added security on your {{ecloud}} account.
-
-You can choose from the following methods:
+Multifactor authentication (MFA) is **mandatory** when you log in to {{ecloud}} using a standard email/password combination, and can't be turned off. It helps protecting your account by adding an extra identity verification step when you log in. You can choose and define the MFA method to use based on your preference:
 
 * Set up an **authenticator app** such as Google Authenticator, Microsoft Authenticator, or Okta Verify. These apps generate a time-based one-time password (TOTP) that you enter along with your password when you log in.
 * Authenticate using a **hardware security key or biometric data**, such as a YubiKey or a fingerprint reader.
 * Receive a verification code through **email**. You enter this code along with your password when you log in.
 
-Elastic recommends that you enable multiple methods so that you can still access your account if you lose access to one method.
-
-If you use only a Google or Microsoft account to log in, then you can’t configure MFA in {{ecloud}}. You can check and manage your multifactor authentication options in your Google or Microsoft account security settings.
-
 ::::{note} 
-You can no longer configure SMS as a multifactor authentication method. If you already use SMS for multifactor authentication, then you can continue using it. You’ll be prompted to switch to a new MFA method in the future.
-
+You can no longer configure SMS as a multifactor authentication method. 
 ::::
 
+Elastic recommends that you enable multiple methods so that you can still access your account if you lose access to one method.
+
+If you use only a Google or Microsoft account to log in, then you can’t configure MFA in {{ecloud}}. You can check and manage your multifactor authentication options in your Google or Microsoft account security settings.
 
 ## Configure an authenticator app [ec-account-security-mfa-authenticator]
 

deploy-manage/autoscaling/autoscaling-in-eck.md

@@ -222,7 +222,7 @@ kubectl get elasticsearchautoscaler autoscaling-sample \
     -o jsonpath='{ .status.conditions }' | jq
 ```
 
-```json
+```json subs=true
 [
  {
    "lastTransitionTime": "2022-09-09T08:07:10Z",

deploy-manage/cloud-organization/billing/billing-models.md

@@ -71,13 +71,13 @@ Based on these four key concepts, the prepaid consumption lifecycle is as follow
 1. You purchase credits expressed in ECU, typically at a discount.
 2. You begin using {{ecloud}} resources.
 3. At every billing cycle (which takes place on the first of each month), the previous month's usage, expressed in ECU, is deducted from your ECU balance.
-4. If your ECU balance is depleted before the credit expiration date, you are invoiced for on-demand usage in arrears at list price. On-demand usage is expressed in ECU, and is converted to currency amounts for invoicing purposes.¹
+4. If your ECU balance is depleted before the credit expiration date, you are invoiced for on-demand usage in arrears at list price. On-demand usage is expressed in ECU, and is converted to currency amounts for invoicing purposes.[^1^](#footnote-1)
 5. At the end of the contract period, any credits remaining in your balance are forfeited.
-6. During the contract period, you can purchase additional credits at any time (as an add-on). This can be done with the same discount as the original purchase. Credits purchased through an add-on have the same expiration as the original purchase.²
+6. During the contract period, you can purchase additional credits at any time (as an add-on). This can be done with the same discount as the original purchase. Credits purchased through an add-on have the same expiration as the original purchase.[^2^](#footnote-2)
 
-¹ When you renew your contract or commit to a multi-year contract, any on-demand usage incurred in the years other than the last are billed with the same discount as the original purchase.
+^1^ $$$footnote-1$$$ When you renew your contract or commit to a multi-year contract, any on-demand usage incurred in the years other than the last are billed with the same discount as the original purchase.
 
-² Purchasing credits through early renewals, or through add-ons with different expiration dates will be available in the near future.
+^2^ $$$footnote-2$$$ Purchasing credits through early renewals, or through add-ons with different expiration dates will be available in the near future.
 
 ::::{note}
 Existing annual+overages customers will be able to switch to prepaid consumption when they renew or sign a new contract. Existing manual burndown customers will be migrated gradually to prepaid consumption in the near future. Exceptions apply.

deploy-manage/deploy/cloud-enterprise/ce-add-support-for-node-roles-autoscaling.md

@@ -30,7 +30,7 @@ There are a number of fields that need to be added to each {{es}} node in order
 
 The following example is based on the `default` system owned deployment template that already supports `node_roles`. This template will be used as a reference for the next sections:
 
-::::{dropdown} Reference example with support for `node_roles`
+::::{dropdown} Reference example with support for node_roles
 :name: ece-node-roles-support-example
 
 ```json
@@ -363,7 +363,7 @@ It is recommended to add the `id` field to each {{es}} topology element in the d
 
 The existing template contains three {{es}} topology elements and two resources (`elasticsearch` and `kibana`).
 
-::::{dropdown} Custom example without support for `node_roles`
+::::{dropdown} Custom example without support for node_roles
 ```json
 {
   ...
@@ -471,7 +471,7 @@ Then, it is only necessary to add the four {{es}} topology elements (`warm`, `co
 
 After adding support for `node_roles`, the resulting deployment template should look similar to the following:
 
-::::{dropdown} Custom example with support for `node_roles`
+::::{dropdown} Custom example with support for node_roles
 :name: example-with-support-for-node-roles
 
 ```json
@@ -772,7 +772,7 @@ These fields represent the default settings for the deployment. However, autosca
 
 Similar to the `node_roles` example, the following one is also based on the `default` deployment template that already supports `node_roles` and autoscaling. This template will be used as a reference for the next sections:
 
-::::{dropdown} Reference example with support for `node_roles` and autoscaling
+::::{dropdown} Reference example with support for node_roles and autoscaling
 ```json
 {
   ...
@@ -1102,7 +1102,7 @@ To update a custom deployment template:
 
 After adding support for autoscaling to the [example](#ece-node-roles-support-example) presented in the previous section, the resulting deployment template should look similar to the following:
 
-::::{dropdown} Custom example with support for `node_roles` and autoscaling
+::::{dropdown} Custom example with support for node_roles and autoscaling
 ```json
 {
   ...
@@ -1780,7 +1780,7 @@ After the migration plan has finished, we recommend following the [Migrate index
 
 The following is an example of a deployment plan that does not contain `node_roles`:
 
-::::{dropdown} Example deployment plan with `node_type`
+::::{dropdown} Example deployment plan with node_type
 ```json
 {
   "name": "Example deployment",
@@ -1924,7 +1924,7 @@ The following is an example of a deployment plan that does not contain `node_rol
 
 After adding support for `node_roles` to the example deployment plan, the resulting plan should look similar to the following:
 
-::::{dropdown} Example deployment plan with `node_roles`
+::::{dropdown} Example deployment plan with node_roles
 ```json
 {
   "name": "Example deployment",

deploy-manage/deploy/cloud-enterprise/ece-install-offline-no-registry.md

@@ -27,7 +27,7 @@ To perform an offline installation without a private Docker registry, you have t
     For example, for {{ece}} 4.0.0 and the {{stack}} versions it shipped with, you need:
 
     * {{ece}} 4.0.0
-    * {es} 9.0.0, {{kib}} 9.0.0, and APM 9.0.0
+    * {{es}} 9.0.0, {{kib}} 9.0.0, and APM 9.0.0
 
 2. Create .tar files of the images:
 

deploy-manage/deploy/cloud-enterprise/ece-wildcard-dns.md

@@ -10,6 +10,8 @@ mapped_pages:
 
 ::::{warning} 
 Don't use `ip.es.io` for production systems. Set up your own domain name and DNS resolver for production. We do not guarantee uptime with `ip.es.io`.
+
+`ip.es.io` is intended for use only by {{ece}} customers. We may, acting in our sole discretion, immediately terminate, suspend, or block any unauthorized users or uses without notice.  
 ::::
 
 By default, {{ece}} uses the external `ip.es.io` service provided by Elastic to resolve virtual {{es}} cluster host names in compliance with RFC1918. The service works by resolving host names of the form `<ip>.ip.es.io` to `<ip>`. In the case of {{ece}}, each cluster is assigned a virtual host name of the form `<cluster id>.<proxy ip address>.ip.es.io:<port>`, such as `6dfc65aae62341e18a8b7692dcc97186.10.8.156.132.ip.es.io:9243`. The `ip.es.io` service simply resolves the virtual host name of the cluster to the proxy address which is specified during installation, `10.8.156.132` in our example, so that client requests are sent to the proxy. The proxy then extracts the cluster ID from the virtual host name of the cluster and uses its internal routing table to route the request to the right allocator.
@@ -18,3 +20,5 @@ The `ip.es.io` service is provided to help you evaluate {{ece}} without having t
 
 A wildcard certificate is enabled based on the deployment domain name. For more information on modifying the deployment domain name, check [Configure endpoints](change-endpoint-urls.md). The deployment domain name also determines the endpoint URLs that are displayed in the Cloud UI.
 
+Report security issues to [email protected]. 
+

deploy-manage/deploy/cloud-enterprise/enable-custom-endpoint-aliases.md

@@ -10,7 +10,7 @@ mapped_pages:
 
 Custom endpoint aliases allow users to replace the UUID for each application with a human readable string. Platform administrators must enable this feature to allow deployment managers to create and modify aliases for their deployments.
 
-::::{note} 
+::::{note}
 You need to update your proxy certificates to support this feature.
 ::::
 
@@ -20,16 +20,16 @@ After installing or upgrading to version 2.10 or later:
 1. [Login to the Cloud UI](log-into-cloud-ui.md)
 2. [Update your proxy certificate(s)](../../security/secure-your-elastic-cloud-enterprise-installation/manage-security-certificates.md). In addition to currently configured domains, additional SAN entries must be configured for each application-specific subdomain:
 
-    ::::{note} 
+    ::::{note}
     If you are not using wildcard certificates, you need to repeat this process for each deployment to account for specific aliases.
     ::::
 
 
-    * For {{es}}, the certificate needs to allow for ***.es.<your-domain>**
-    * For {{kib}}, the certificate needs to allow for ***.kb.<your-domain>**
-    * For APM, the certificate needs to allow for ***.apm.<your-domain>**
-    * For Fleet, the certificate needs to allow for ***.fleet.<your-domain>**
-    * For Universal Profiling, the certificate needs to allow for ***.profiling.<your-domain>** and ***.symbols.<your-domain>**
+    * For {{es}}, the certificate needs to allow for **\*.es.<your-domain>**
+    * For {{kib}}, the certificate needs to allow for **\*.kb.<your-domain>**
+    * For APM, the certificate needs to allow for **\*.apm.<your-domain>**
+    * For Fleet, the certificate needs to allow for **\*.fleet.<your-domain>**
+    * For Universal Profiling, the certificate needs to allow for **\*.profiling.<your-domain>** and **\*.symbols.<your-domain>**
 
 3. In the **Platform** menu, select **Settings**.
 4. Under the **Enable custom endpoint alias naming**, toggle the setting to allow platform administrators and deployment managers to choose a simplified, unique URL for the endpoint.

deploy-manage/deploy/cloud-enterprise/manage-elastic-stack-versions.md

@@ -45,7 +45,7 @@ $$$ece-elastic-stack-stackpacks-recent$$$
 
 Following is the full list of available packs containing {{stack}} versions. Note that Enterprise Search was introduced with ECE 2.6.0 and requires that version or higher.
 
-::::{dropdown} **Expand to view the full list**
+::::{dropdown} Expand to view the full list
 | Required downloads | Minimum required ECE version |
 | --- | --- |
 | [{{es}}, {{kib}}, and APM stack pack: 9.0.0](https://download.elastic.co/cloud-enterprise/versions/9.0.0.zip) | ECE 4.0.0 |