Trying out different tagging options

Author: yetanothertw

deploy-manage/users-roles/cluster-or-deployment-auth.md

@@ -4,11 +4,7 @@ mapped_pages:
   - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-securing-clusters.html
   - https://www.elastic.co/guide/en/cloud/current/ec-security.html
 applies_to:
-  deployment:
-    ess: all
-    ece: all
-    eck: all
-    self: all
+  stack: all
 products:
   - id: cloud-enterprise
   - id: cloud-hosted
@@ -20,7 +16,11 @@ To prevent unauthorized access to your Elastic resources, you need a way to iden
 
 In this section, you’ll learn how to set up authentication and authorization at the cluster or deployment level, and learn about the underlying security technologies that {{es}} uses to authenticate and authorize requests internally and across services.
 
-This section only covers direct access to and communications with an {{es}} cluster - sometimes known as a deployment - as well as the related {{kib}} instance. To learn about managing access to your {{ecloud}} organization or {{ece}} orchestrator, or to learn how to use single sign-on to access a cluster using your {{ecloud}} credentials, refer to [Manage users and roles](/deploy-manage/users-roles.md).
+This section only covers direct access to and communications with an {{es}} cluster - sometimes known as a deployment - as well as the related {{kib}} instance. To learn about managing access to your {{ecloud}} organization or {{ece}} orchestrator, or to learn how to use single sign-on to access a cluster using your {{ecloud}} credentials, refer to [](/deploy-manage/users-roles.md).
+
+:::{admonition} Control access to {{serverless-short}} projects
+If you use {{serverless-full}}, you can only manage authentication at the [Elastic Cloud organization level](/deploy-manage/users-roles/cloud-organization.md).
+:::
 
 ## Quickstart
 
@@ -40,6 +40,12 @@ You can also learn the basics of {{es}} authentication, learn about accounts use
 
 [View all user authentication docs](/deploy-manage/users-roles/cluster-or-deployment-auth/user-authentication.md)
 
+:::{admonition} Control access to {{serverless-short}} projects
+This topic describes using the native realm at the cluster or deployment level, for the purposes of authenticating with {{es}} and {{kib}}.
+You can also manage and authenticate users natively at the [Elastic Cloud organization](/deploy-manage/users-roles/cloud-organization/manage-users.md) level.
+:::
+
+
 ### User authorization
 
 After a user is authenticated, use role-based access control to determine whether the user behind an incoming request is allowed to execute the request.
@@ -49,12 +55,20 @@ Key tasks for managing user authorization include:
 * [Defining roles](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md)
 * Assigning [built-in roles](elasticsearch://reference/elasticsearch/roles.md) or your own roles to users
 * Creating [mappings of users and groups to roles](/deploy-manage/users-roles/cluster-or-deployment-auth/mapping-users-groups-to-roles.md) for external authentication providers
-* [Setting up field- and document-level security](/deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md)
+* [Setting up field- and document-level security](/deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md) {applies_to}`stack: ga` {applies_to}`serverless: ga` 
 
 You can also learn the basics of {{es}} authorization, and perform advanced tasks.
 
+[View all user authorization docs](/deploy-manage/users-roles/cluster-or-deployment-auth/user-roles.md)
+
 ::::{tip}
 User roles are also used to control access to [{{kib}} spaces](/deploy-manage/manage-spaces.md).
 ::::
 
-[View all user authorization docs](/deploy-manage/users-roles/cluster-or-deployment-auth/user-roles.md)
+
+
+:::{admonition} Built-in and custom roles in {{serverless-short}}
+This topic describes built-in roles in {{stack}} clusters and deployments and explains how to create custom ones. You can also learn about [organization-level](/deploy-manage/users-roles/cloud-organization/user-roles.md#ec_organization_level_roles) roles and [cloud resource access roles](/deploy-manage/users-roles/cloud-organization/user-roles.md#ec_instance_access_roles) in {{serverless-full}}.
+To create custom roles for {{serverless-full}}, refer to [](/deploy-manage/users-roles/serverless-custom-roles.md).
+:::
+

deploy-manage/users-roles/cluster-or-deployment-auth/access-agreement.md

@@ -2,11 +2,7 @@
 mapped_pages:
   - https://www.elastic.co/guide/en/kibana/current/xpack-security-access-agreement.html
 applies_to:
-  deployment:
-    ess:
-    ece:
-    eck:
-    self:
+  stack: all
 products:
   - id: kibana
 ---

deploy-manage/users-roles/cluster-or-deployment-auth/anonymous-access.md

@@ -2,11 +2,7 @@
 mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/anonymous-access.html
 applies_to:
-  deployment:
-    ess:
-    ece:
-    eck:
-    self:
+  stack: all
 products:
   - id: elasticsearch
 ---

deploy-manage/users-roles/cluster-or-deployment-auth/authentication-realms.md

@@ -2,11 +2,7 @@
 mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/realms.html
 applies_to:
-  deployment:
-    ess: all
-    ece: all
-    eck: all
-    self: all
+  stack: all
 products:
   - id: elasticsearch
 ---

deploy-manage/users-roles/cluster-or-deployment-auth/controlling-user-cache.md

@@ -2,11 +2,7 @@
 mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/controlling-user-cache.html
 applies_to:
-  deployment:
-    ess:
-    ece:
-    eck:
-    self:
+  stack: all
 products:
   - id: elasticsearch
 ---

deploy-manage/users-roles/cluster-or-deployment-auth/custom.md

@@ -3,10 +3,7 @@ mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/custom-realms.html
 applies_to:
   deployment:
-    ece:
-    ess:
-    eck:
-    self:
+  stack: all
 products:
   - id: elasticsearch
 ---

deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md

@@ -26,7 +26,7 @@ After you create your custom roles, you can [learn how to assign them to users](
 
 :::{admonition} Defining custom roles in {{serverless-short}}
 This topic how to create custom roles in {{stack}} clusters and deployments. You can also learn about [organization-level](/deploy-manage/users-roles/cloud-organization/user-roles.md#ec_organization_level_roles) roles and [cloud resource access roles](/deploy-manage/users-roles/cloud-organization/user-roles.md#ec_instance_access_roles) in {{serverless-full}}.
-If you want to create custom roles for {{serverless-full}}, refer to [](/deploy-manage/users-roles/serverless-custom-roles.md).
+If you want too create custom roles for {{serverless-full}}, refer to [](/deploy-manage/users-roles/serverless-custom-roles.md).
 :::
 
 ## Role structure

deploy-manage/users-roles/cluster-or-deployment-auth/external-authentication.md

@@ -1,10 +1,6 @@
 ---
 applies_to:
-  deployment:
-    ess: all
-    ece: all
-    eck: all
-    self: all
+  stack: all
 ---
 
 # External authentication

deploy-manage/users-roles/cluster-or-deployment-auth/internal-authentication.md

@@ -1,10 +1,6 @@
 ---
 applies_to:
-  deployment:
-    ess: all
-    ece: all
-    eck: all
-    self: all
+  stack: all
 ---
 
 # Internal authentication

deploy-manage/users-roles/cluster-or-deployment-auth/internal-users.md

@@ -2,11 +2,7 @@
 mapped_pages:
   - https://www.elastic.co/guide/en/elasticsearch/reference/current/internal-users.html
 applies_to:
-  deployment:
-    ess:
-    ece:
-    eck:
-    self:
+  stack: all
 products:
   - id: elasticsearch
 ---