Merge branch 'network-sec-core' into network-sec-file-renames-xlinks

Author: shainaraskas

deploy-manage/deploy/cloud-on-k8s/configuration-fleet.md

@@ -253,7 +253,7 @@ In order to run {{agent}} as a non-root user you must choose how you want to per
 1. Run {{agent}} with an `emptyDir` volume. This has the downside of not persisting data between restarts of the {{agent}} which can duplicate work done by the previous running Agent.
 2. Run {{agent}} with a `hostPath` volume in addition to a `DaemonSet` running as `root` that sets up permissions for the `agent` user.
 
-In addition to these decisions, if you are running {{agent}} in {{fleet}} mode as a non-root user, you must configure `certificate_authorities.ssl` in each `xpack.fleet.outputs` to trust the CA of the {{es}} Cluster.
+In addition to these decisions, if you are running {{agent}} in {{fleet}} mode as a non-root user, you must configure `ssl.certificate_authorities` in each `xpack.fleet.outputs` to trust the CA of the {{es}} Cluster.
 
 To run {{agent}} with an `emptyDir` volume.
 

deploy-manage/deploy/cloud-on-k8s/configure-eck.md

@@ -29,15 +29,21 @@ To configure ECK settings, follow the instructions in the next sections dependin
 
 If you installed ECK through the Helm chart commands listed in [](./install-using-helm-chart.md), add your configuration parameters under the `config` key in your values file, or set them inline using the equivalent `--set config.<setting-name>=<value>` flags when updating or installing the release.
 
-For example, to add the `ca-cert-validity` setting with a value of `43800h`, you can use any of the following methods:
+Note that the Helm chart uses its own configuration parameters rather than the actual ECK parameters that are described in [{{eck}} configuration flags](cloud-on-k8s://reference/eck-configuration-flags.md). To view all configurable values in the Helm chart for the ECK operator, run the following command:
+
+```sh
+helm show values elastic/eck-operator
+```
+
+For example, the parameter `caValidity` in the Helm chart corresponds to the `ca-cert-validity` ECK parameter. To add the `caValidity` setting with a value of `43800h`, you can use either of the following methods:
 
 ### Option 1: Use a values file and reference it in the helm upgrade command:
 
 Create a values file with the following content:
 
 ```yaml
 config:
-  ca-cert-validity: 43800h
+  caValidity: 43800h
 ```
 
 Then, update the installed release pointing to the values file:
@@ -49,7 +55,7 @@ helm upgrade elastic-operator elastic/eck-operator -f my-values-file.yaml -n ela
 ### Option 2: Use `--set` in the helm upgrade command
 
 ```sh
-helm upgrade elastic-operator elastic/eck-operator --set config.ca-cert-validity=43800h -n elastic-system
+helm upgrade elastic-operator elastic/eck-operator --set config.caValidity=43800h -n elastic-system
 ```
 
 ## Using the operator YAML manifests

deploy-manage/deploy/elastic-cloud/change-hardware.md

@@ -8,9 +8,13 @@ products:
   - id: cloud-hosted
 ---
 
-# Change hardware [ec-change-hardware-for-a-specific-resource]
+# Customize instance configuration [ec-change-instance-configuration]
 
-The virtual hardware on which {{stack}} deployments run is defined by instance configurations. To learn more about what an instance configuration is, refer to [Instance configurations](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations).
+This document explains how to modify the instance configurations used by specific components of your deployment without changing the overall hardware profile assigned to the deployment. This advanced configuration scenario is useful in situations where you need to migrate an Elasticsearch tier or stateless resource to a different hardware type.
+
+## Consideration [ec-considerations-on-changing-ic]
+
+{{stack}} deployments run on virtual hardware defined by instance configurations. For more details, refer to [Hardware profiles](./ec-change-hardware-profile.md#ec-hardware-profile) and [Instance configurations](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) documents.
 
 When a deployment is created, each {{es}} tier and stateless resource (e.g., Kibana) gets an instance configuration assigned to it, based on the hardware profile used. The combination of instance configurations defined within each hardware profile is designed to provide the best possible outcome for each use case. Therefore, it is not advisable to use instance configurations that are not specified on the hardware profile, except in specific situations in which we may need to migrate an {{es}} tier or stateless resource to a different hardware type. An example of such a scenario is when a cloud provider stops supporting a hardware type in a specific region.
 
@@ -89,6 +93,30 @@ Having an instance configuration mismatch between the deployment and the hardwar
 
 ## Deprecated instance configurations (ICs) and deployment templates (DTs) [ec-deprecated-icdt]
 
-A list of deprecated and valid ICs/DTs can be found on the [Available regions, deployment templates and instance configurations](cloud://reference/cloud-hosted/ec-regions-templates-instances.md) page, as well as through the API, using `hide_deprecated` to return valid ICs/DTs. For example, to return valid ICs/DTs the following request can be used: `https://api.elastic-cloud.com/api/v1/deployments/templates?region=us-west-2&hide_deprecated=true`. To list only the deprecated ones, this can be used: `https://api.elastic-cloud.com/api/v1/deployments/templates?region=us-west-2&metadata=legacy:true`.
+Hardware profile is also referenced as deployment templates in {{ecloud}}. 
+
+You can find a list of deprecated and valid instance configurations (ICs) and deployment templates (DTs) in two ways:
+
+### Public documentation page
+
+Visit the [Available regions, deployment templates and instance configurations](cloud://reference/cloud-hosted/ec-regions-templates-instances.md) page for detailed information.
+
+### API access
+
+Use the [Get deployment templates API](https://www.elastic.co/docs/api/doc/cloud/operation/operation-get-deployment-templates-v2) with query parameters like `hide_deprecated` to retrieve valid ICs and DTs. This API request returns a list of DTs along with the respective ICs referenced within each DT.
+
+For example, 
+* To return valid ICs/DTs the following request can be used: `https://api.elastic-cloud.com/api/v1/deployments/templates?region=us-west-2&hide_deprecated=true`. 
+* To list only the deprecated ones, this can be used: `https://api.elastic-cloud.com/api/v1/deployments/templates?region=us-west-2&metadata=legacy:true`.
 
 If a deprecated IC/DT is already in use, it can continue to be used. However, creating or migrating to a deprecated IC/DT is no longer possible and will result in a plan failing. In order to migrate to a valid IC/DT, navigate to the **Edit hardware profile** option in the Cloud UI or use the [Deployment API](https://www.elastic.co/docs/api/doc/cloud/operation/operation-migrate-deployment-template).
+
+::::{note}
+Deployments using {{stack}} versions prior to 7.10 do not support changing the hardware profile through the {{ecloud}} console or API. To change the hardware profile, first upgrade to version 7.10 or later.
+::::
+
+In addtion, you can refer to below information about how these terminologies are referenced. 
+* _Deprecated_ is also referenced as _legacy_. 
+* Using the `metadata=legacy:true` query parameter will return only legacy/deprecated DTs.
+* Using the `hide_deprecated=true` query parameter will return only valid DTs.
+* Not using any of the query parameters above will return all DTs. In this case, check the presence of `legacy: true` in the `metadata` entries within the API response, to verify if an IC/DT is deprecated or not.

deploy-manage/deploy/elastic-cloud/custom-endpoint-aliases.md

@@ -32,7 +32,7 @@ New deployments are assigned a default alias derived from the deployment name. T
 To add an alias to an existing deployment:
 
 1. From the **Hosted deployments** menu, select a deployment.
-2. Under **Custom endpoint alias**, select **Edit**.
+2. Under **Connection alias**, select **Create an alias**.
 3. Define a new alias. Make sure you choose something meaningful to you.
 
     ::::{tip}
@@ -47,8 +47,8 @@ To add an alias to an existing deployment:
 To remove an alias from your deployment, or if you want to re-assign an alias to another deployment, follow these steps:
 
 1. From the **Hosted deployments** menu, select a deployment.
-2. Under **Custom endpoint alias**, select **Edit**.
-3. Remove the text from the **Custom endpoint alias** text box.
+2. Under *Connection alias**, select **Edit**.
+3. Remove the text from the **Connection alias** text box.
 4. Select **Update alias**.
 
 ::::{note}

deploy-manage/deploy/elastic-cloud/differences-from-other-elasticsearch-offerings.md

@@ -65,6 +65,7 @@ This table compares the core platform capabilities between {{ech}} deployments a
 | **Deployment health monitoring** | AutoOps or monitoring cluster | Managed by Elastic | - No monitoring cluster required <br>- Automatically handled by Elastic |
 | **Deployment model** | Single deployments with multiple solutions | Separate projects for specific use cases | Fundamental architectural difference - [Learn more](https://www.elastic.co/blog/elastic-serverless-architecture) |
 | **Deployment monitoring** | AutoOps or monitoring cluster | Managed | Monitoring is handled by Elastic |
+| **Email service** | ✅ | ✅ | Preconfigured email connector available - [Learn more about limits and usage](/deploy-manage/deploy/elastic-cloud/tools-apis.md#elastic-cloud-email-service) |
 | **Hardware configuration** | Limited control | Managed | Hardware choices are managed by Elastic |
 | **High availability** | ✅ | ✅ | Automatic resilience |
 | **Network security** | IP filtering, private connectivity (VPCs, PrivateLink) | IP filtering | Private connectivity options anticipated in a future release |

deploy-manage/deploy/elastic-cloud/ec-change-hardware-profile.md

@@ -8,7 +8,9 @@ products:
   - id: cloud-hosted
 ---
 
-# Change hardware profiles [ec-change-hardware-profile]
+# Manage hardware profiles [ec-change-hardware-profile]
+
+## Hardware profile [ec-hardware-profile]
 
 Deployment hardware profiles deploy the {{stack}} on virtual hardware. Each hardware profile has a different blend of storage, RAM, and vCPU.
 
@@ -24,6 +26,11 @@ The {{ecloud}} console indicates when a new version of a hardware profile is ava
 
 ## Change the hardware profile using the {{ecloud}} console [ec_change_the_hardware_profile_using_the_elastic_cloud_console]
 
+::::{note}
+Deployments using {{stack}} versions prior to 7.10 do not support changing the hardware profile through the {{ecloud}} console or API. To change the hardware profile, first upgrade to version 7.10 or later.
+::::
+
+
 ### Upgrade to the newest version of your current hardware profile [ec_upgrade_to_the_newest_version_of_your_current_hardware_profile]
 
 Note that if there’s no indication that a newer version is available, that means that your deployment is already running on the latest version of that hardware profile.
@@ -72,6 +79,11 @@ If your deployment is configured for high availability, the hardware profile cha
 
 ## Change the hardware profile using the API [ec_change_the_hardware_profile_using_the_api]
 
+::::{note}
+Deployments using {{stack}} versions prior to 7.10 do not support changing the hardware profile through the {{ecloud}} console or API. To change the hardware profile, first upgrade to version 7.10 or later.
+::::
+
+
 Prerequisites:
 
 * A valid {{ecloud}} [API key](../../api-keys/elastic-cloud-api-keys.md) (`$EC_API_KEY`)
@@ -176,21 +188,28 @@ Consider this configuration for ingestion use cases with 1-4 days of data availa
 
 ### CPU optimized (ARM) [ec-profiles-compute-optimized-arm]
 
-This profile is similar to CPU optimized profile but is powered by AWS Graviton2 instances. You can find the exact storage, memory, and vCPU allotment on the [hardware details page](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) for each cloud provider.
+This profile is similar to CPU optimized profile but powered by ARM instances. Currently, we offer ARM instances on AWS. You can find the exact storage, memory, and vCPU allotment on the [hardware details page](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) for each cloud provider.
 
 **Ideal use case**
 
 Consider this configuration for ingestion use cases with 1-4 days of data available for fast access and for search use cases with indexing and querying workloads. Provides the most CPU resources per unit of RAM.
 
-
-### Vector search optimized (ARM) [ec-profiles-vector-search]
+### Vector search optimized [ec-profiles-vector-search]
 
 This profile is suited for Vector search, Generative AI and Semantic search optimized workloads. You can find the exact storage, memory, and vCPU allotment on the [hardware details page](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) for each cloud provider.
 
 **Ideal use case**
 
 Optimized for applications that leverage Vector Search and/or Generative AI. Also the optimal choice for utilizing ELSER for semantic search applications. Broadly suitable for all semantic search, text embedding, image search, and other Vector Search use cases.
 
+### Vector search optimized (ARM) [ec-profiles-vector-search-arm]
+
+This profile is suited for Vector search, Generative AI and Semantic search optimized workloads powered by ARM instances. Currently, we offer ARM instances on AWS. You can find the exact storage, memory, and vCPU allotment on the [hardware details page](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) for each cloud provider.
+
+**Ideal use case**
+
+Optimized for applications that leverage Vector Search and/or Generative AI. Also the optimal choice for utilizing ELSER for semantic search applications. Broadly suitable for all semantic search, text embedding, image search, and other Vector Search use cases.
+
 
 ### General purpose [ec-profiles-general-purpose]
 
@@ -203,7 +222,7 @@ Suitable for ingestion use cases with 5-7 days of data available for fast access
 
 ### General purpose (ARM) [ec-profiles-general-purpose-arm]
 
-This profile is similar to the General purpose profile but is powered by AWS Graviton2 instances. You can find the exact storage, memory, and vCPU allotment on the [hardware details page](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) for each cloud provider.
+This profile is similar to General purpose profile but powered by ARM instances. Currently, we offer ARM instances on AWS. You can find the exact storage, memory, and vCPU allotment on the [hardware details page](cloud://reference/cloud-hosted/hardware.md#ec-getting-started-configurations) for each cloud provider.
 
 **Ideal use case**
 

deploy-manage/deploy/elastic-cloud/ec-vcpu-boost-instance.md

@@ -13,6 +13,9 @@ products:
 
 {{ecloud}} allows smaller instance sizes to get temporarily boosted vCPU when under heavy load. vCPU boosting is governed by vCPU credits that instances can earn over time when vCPU usage is less than the assigned amount.
 
+::::{important}
+vCPU credits temporarily assigns extra CPU resources beyond the default. These credits are not always guaranteed, and might be reset during essential maintenance.
+::::
 
 ## How does vCPU boosting work? [ec_how_does_vcpu_boosting_work]
 

deploy-manage/deploy/elastic-cloud/serverless.md

@@ -61,38 +61,37 @@ Serverless projects run on cloud platforms, which may undergo changes in availab
 
 To learn more about serverless status, see [Service status](../../cloud-organization/service-status.md).
 
-## Answers to common serverless questions [general-what-is-serverless-elastic-answers-to-common-serverless-questions]
+## Frequently asked questions (FAQ) about {{serverless-full}} projects [general-what-is-serverless-elastic-answers-to-common-serverless-questions]
 
-**Is there migration support between hosted deployments and serverless projects?**
+The following FAQ addresses common questions about using {{serverless-full}} projects.
 
-Migration paths between hosted deployments and serverless projects are currently unsupported.
+### Pricing and availability
+**Q: Where can I learn about pricing for {{serverless-short}}?**  
+A: See pricing information for [{{es-serverless}}](https://www.elastic.co/pricing/serverless-search), [{{observability}}](https://www.elastic.co/pricing/serverless-observability), and [{{sec-serverless}}](https://www.elastic.co/pricing/serverless-security).
 
-**How can I move data to or from serverless projects?**
+**Q: What Cloud regions does {{serverless-full}} support?**  
+A: {{serverless-full}} is available in select AWS, GCP, and Azure regions, with plans to expand to more regions. For more information, refer to [](/deploy-manage/deploy/elastic-cloud/regions.md).
 
-We are working on data migration tools! In the interim, [use Logstash](logstash://reference/index.md) with {{es}} input and output plugins to move data to and from serverless projects.
+### Data management
+**Q: How can I move data to or from {{serverless-short}} projects?**  
+A: We are working on data migration tools. In the interim, [use Logstash](logstash://reference/index.md) with {{es}} input and output plugins to move data to and from {{serverless-short}} projects.
 
-**How does serverless ensure compatibility between software versions?**
+**Q: Can I request backups or restores for my serverless projects?**  
+A: Request for project backups or restores is currently unsupported, and we are working on data migration tools to better support this.
 
-Connections and configurations are unaffected by upgrades. To ensure compatibility between software versions, quality testing and API versioning are used.
+### Security, compliance, and access
+**Q: How can I create {{serverless-full}} service accounts?**  
+A: Create API keys for service accounts in your {{serverless-short}} projects. Options to automate the creation of API keys with tools such as Terraform will be available in the future.
 
-**Can I convert a serverless project into a hosted deployment, or a hosted deployment into a serverless project?**
+### Project lifecycle and support
+**Q: How does {{serverless-full}} ensure compatibility between software versions?**  
+A: Connections and configurations are unaffected by upgrades. To ensure compatibility between software versions, quality testing and API versioning are used.
 
-Projects and deployments are based on different architectures, and you are unable to convert.
+**Q: Can I convert a {{serverless-full}} project into an {{ech}} deployment, or a hosted deployment into a {{serverless-short}} project?**  
+A: Projects and deployments are based on different architectures, so you are unable to convert.
 
-**Can I convert a serverless project into a project of a different type?**
+**Q: Can I convert a {{serverless-short}} project into a project of a different type?**  
+A: You are unable to convert projects into different project types, but you can create as many projects as you’d like. You will be charged only for your usage.
 
-You are unable to convert projects into different project types, but you can create as many projects as you’d like. You will be charged only for your usage.
-
-**How can I create serverless service accounts?**
-
-Create API keys for service accounts in your serverless projects. Options to automate the creation of API keys with tools such as Terraform will be available in the future.
-
-To raise a Support case with Elastic, raise a case for your subscription the same way you do today. In the body of the case, make sure to mention you are working in serverless to ensure we can provide the appropriate support.
-
-**Where can I learn about pricing for serverless?**
-
-See serverless pricing information for [Search](https://www.elastic.co/pricing/serverless-search), [Observability](https://www.elastic.co/pricing/serverless-observability), and [Security](https://www.elastic.co/pricing/serverless-security).
-
-**Can I request backups or restores for my projects?**
-
-It is not currently possible to request backups or restores for projects, but we are working on data migration tools to better support this.
+**Q: How do I raise a support case for {{serverless-full}}?**  
+A: Raise a case for your subscription as you do today. In the body of the case, mention you are working with a {{serverless-short}} project to ensure appropriate support.