elastic · colleenmcginnis · Mar 6, 2025 · Feb 28, 2025 · Feb 28, 2025 · Feb 28, 2025
@@ -1,12 +1,12 @@
-Field and document security is subject to the following limitations: 
+Field and document security is subject to the following limitations:
 
 ### Document level security limitations
 
 When a user’s role enables [document level security](/deploy-manage/users-roles/cluster-or-deployment-auth/controlling-access-at-document-field-level.md) for a data stream or index:
 
 * Document level security doesn’t affect global index statistics that relevancy scoring uses. This means that scores are computed without taking the role query into account. Documents that don’t match the role query are never returned.
 * The `has_child` and `has_parent` queries aren’t supported as query parameters in the role definition. The `has_child` and `has_parent` queries can be used in the search API with document level security enabled.
-* [Date math](asciidocalypse://docs/elasticsearch/docs/reference/elasticsearch/rest-apis/common-options.md#date-math) expressions cannot contain `now` in [range queries with date fields](asciidocalypse://docs/elasticsearch/docs/reference/query-languages/query-dsl-range-query.md#ranges-on-dates).
+* [Date math](elasticsearch://reference/elasticsearch/rest-apis/common-options.md#date-math) expressions cannot contain `now` in [range queries with date fields](elasticsearch://reference/query-languages/query-dsl-range-query.md#ranges-on-dates).
 * Any query that makes remote calls to fetch query data isn’t supported, including the following queries:
 
     * `terms` query with terms lookup
@@ -16,9 +16,9 @@ When a user’s role enables [document level security](/deploy-manage/users-role
 * If suggesters are specified and document level security is enabled, the specified suggesters are ignored.
 * A search request cannot be profiled if document level security is enabled.
 * The [terms enum API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-terms-enum) does not return terms if document level security is enabled.
-* The [`multi_match`](asciidocalypse://docs/elasticsearch/docs/reference/query-languages/query-dsl-multi-match-query.md) query does not support specifying fields using wildcards.
+* The [`multi_match`](elasticsearch://reference/query-languages/query-dsl-multi-match-query.md) query does not support specifying fields using wildcards.
 
-:::{note} 
+:::{note}
 While document-level security prevents users from viewing restricted documents, it’s still possible to write search requests that return aggregate information about the entire index. A user whose access is restricted to specific documents in an index could still learn about field names and terms that only exist in inaccessible documents, and count how many inaccessible documents contain a given term.
 :::
 

@@ -18,7 +18,7 @@ Most Elastic resources can be accessed and managed through RESTful APIs. While t
 Elasticsearch APIs
 :   This set of APIs allows you to interact directly with the Elasticsearch nodes in your deployment. You can ingest data, run search queries, check the health of your clusters, manage snapshots, and more.
 
-    To use these APIs on {{ecloud}} read our topic [Access the API console](asciidocalypse://docs/cloud/docs/reference/cloud-hosted/ec-api-console.md), and to learn about all of the available endpoints check the [Elasticsearch API reference documentation](asciidocalypse://docs/elasticsearch/docs/reference/elasticsearch/rest-apis/index.md).
+    To use these APIs on {{ecloud}} read our topic [Access the API console](asciidocalypse://docs/cloud/docs/reference/cloud-hosted/ec-api-console.md), and to learn about all of the available endpoints check the [Elasticsearch API reference documentation](elasticsearch://reference/elasticsearch/rest-apis/index.md).
 
     Some [restrictions](../deploy/elastic-cloud/restrictions-known-problems.md#ec-restrictions-apis-elasticsearch) apply when using the Elasticsearch APIs on {{ecloud}}.
 
@@ -37,7 +37,7 @@ Other Products
     * [APM event intake API Reference](/solutions/observability/apps/elastic-apm-events-intake-api.md)
     * [App Search API Reference](https://www.elastic.co/guide/en/app-search/current/api-reference.html)
     * [Elastic Security APIs](https://www.elastic.co/guide/en/security/current/security-apis.html)
-    * [Fleet APIs](asciidocalypse://docs/docs-content/docs/reference/ingestion-tools/fleet/fleet-api-docs.md)
+    * [Fleet APIs](/reference/ingestion-tools/fleet/fleet-api-docs.md)
     * [Logstash APIs](https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html)
     * [Workplace Search API Reference](https://www.elastic.co/guide/en/workplace-search/current/workplace-search-api-overview.html)
 

@@ -32,7 +32,7 @@ Refer to [](./cloud-enterprise/ece-architecture.md) for details about the ECE pl
 - **Air-gapped installations**: Support for off-line installations.
 - **Microservices architecture**: All services are containerized through Docker.
 
-Check the [glossary](asciidocalypse:///docs-content/docs/reference/glossary.md) to get familiar with the terminology for ECE as well as other Elastic products and solutions.
+Check the [glossary](/reference/glossary/index.md) to get familiar with the terminology for ECE as well as other Elastic products and solutions.
 
 ## Section overview
 

@@ -1,8 +1,8 @@
 ---
-mapped_pages: 
+mapped_pages:
     - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-add-custom-bundle-plugin.html
 navigation_title: "Custom bundles and plugins"
-applies_to: 
+applies_to:
   deployment:
     ece:
 ---
@@ -360,7 +360,7 @@ You do not need to do this step if you are using default filename and password (
             }
     ```
 
-4. To use this bundle, you can refer it in the [GeoIP processor](asciidocalypse://docs/elasticsearch/docs/reference/ingestion-tools/enrich-processor/geoip-processor.md) of an ingest pipeline as `MyGeoLite2-City.mmdb` under `database_file` such as:
+4. To use this bundle, you can refer it in the [GeoIP processor](elasticsearch://reference/ingestion-tools/enrich-processor/geoip-processor.md) of an ingest pipeline as `MyGeoLite2-City.mmdb` under `database_file` such as:
 
     ```sh
     ...

@@ -16,7 +16,7 @@ Adding plugins to a deployment is as simple as selecting it from the list of ava
 
 Additional plugins might be available. If a plugin is listed for your version of {{es}}, it can be used.
 
-You can also [create](asciidocalypse://elasticsearch/docs/extend/create-elasticsearch-plugins.md) and add custom plugins.
+You can also [create](elasticsearch://extend/index.md) and add custom plugins.
 
 To add plugins when creating a new deployment:
 
@@ -32,7 +32,7 @@ To add plugins to an existing deployment:
 
 1. [Log into the Cloud UI](/deploy-manage/deploy/cloud-enterprise/log-into-cloud-ui.md).
 2. On the **Deployments** page, select your deployment.
- 
+
     Narrow the list by name, ID, or choose from several other filters. To further define the list, use a combination of filters.
 
 3. From your deployment menu, go to the **Edit** page.

@@ -26,14 +26,14 @@ Each Elastic Cloud Enterprise runner can take on several roles:
 `director`
 :   Manages the ZooKeeper datastore. This role is typically shared with the coordinator role. In production deployments it can be separated from a coordinator.
 
-::::{important} 
+::::{important}
 Once the `director` role is assigned to a runner, the Zookeeper service starts on that host. The Zookeeper service continues even after the  director role is removed from the runner. Therefore, if you remove the `director` role from any host that has ever had it, we highly recommend also [deleting the runner](../../maintenance/ece/delete-ece-hosts.md) and re-installing it.
 ::::
 
 
 Each role is associated with a set of Docker containers that provide the specific functionality.
 
-There are some additional roles shown in the Cloud UI, such as the [beats-runner](asciidocalypse://docs/docs-content/docs/reference/glossary/index.md#glossary-beats-runner) and [services-forwarder](asciidocalypse://docs/docs-content/docs/reference/glossary/index.md#glossary-services-forwarder) roles, that are required by Elastic Cloud Enterprise and that you cannot modify.
+There are some additional roles shown in the Cloud UI, such as the [beats-runner](/reference/glossary/index.md#glossary-beats-runner) and [services-forwarder](/reference/glossary/index.md#glossary-services-forwarder) roles, that are required by Elastic Cloud Enterprise and that you cannot modify.
 
 To assign roles to hosts:
 

@@ -22,7 +22,7 @@ The `node_roles` field defines the roles that an Elasticsearch topology element
 There are a number of fields that need to be added to each Elasticsearch node in order to support `node_roles`:
 
 * **id**: Unique identifier of the topology element. This field, along with the `node_roles`, identifies an Elasticsearch topology element.
-* **node_roles**: The list of node roles. Allowable roles are: `master`, `ingest`, `ml`, `data_hot`, `data_content`, `data_warm`, `data_cold`, `data_frozen`, `remote_cluster_client`, and `transform`. For details, check [Node roles](asciidocalypse://docs/elasticsearch/docs/reference/elasticsearch/configuration-reference/node-settings.md#node-roles).
+* **node_roles**: The list of node roles. Allowable roles are: `master`, `ingest`, `ml`, `data_hot`, `data_content`, `data_warm`, `data_cold`, `data_frozen`, `remote_cluster_client`, and `transform`. For details, check [Node roles](elasticsearch://reference/elasticsearch/configuration-reference/node-settings.md#node-roles).
 * **topology_element_control**: Controls for the topology element.
 
     * **min**: The absolute minimum size limit for a topology element. If the value is `0`, that means the topology element can be disabled.

@@ -43,7 +43,7 @@ To configure index management when you create a deployment template:
     Index curation
     :   Creates new indices on hot nodes first and moves them to warm nodes later on, based on the data views (formerly *index patterns*) you specify. Also manages replica counts for you, so that all shards of an index can fit on the right data nodes. Compared to index lifecycle management, index curation for time-based indices supports only one action, to move indices from nodes on one data configuration to another, but it is more straightforward to set up initially and all setup can be done directly from the Cloud UI.
 
-        If your user need to delete indices once they are no longer useful to them, they can run [Curator](asciidocalypse://docs/curator/docs/reference/index.md) on-premise to manage indices for Elasticsearch clusters hosted on Elastic Cloud Enterprise.
+        If your user need to delete indices once they are no longer useful to them, they can run [Curator](curator://reference/index.md) on-premise to manage indices for Elasticsearch clusters hosted on Elastic Cloud Enterprise.
 
         To configure index curation:
 

@@ -35,11 +35,11 @@ Increasing the number of zones should not be used to add more resources. The con
 
 ## Master nodes [ece-ece-ha-2-master-nodes]
 
-Tiebreakers are used in distributed clusters to avoid cases of [split brain](https://en.wikipedia.org/wiki/Split-brain_(computing)), where an {{es}} cluster splits into multiple, autonomous parts that continue to handle requests independently of each other, at the risk of affecting cluster consistency and data loss. A split-brain scenario is avoided by making sure that a minimum number of [master-eligible nodes](asciidocalypse://docs/elasticsearch/docs/reference/elasticsearch/configuration-reference/node-settings.md#master-node) must be present in order for any part of the cluster to elect a master node and accept user requests. To prevent multiple parts of a cluster from being eligible, there must be a [quorum-based majority](/deploy-manage/distributed-architecture/discovery-cluster-formation/modules-discovery-quorums.md) of `(n/2)+1` nodes, where `n` is the number of master-eligible nodes in the cluster. The minimum number of master nodes to reach quorum in a two-node cluster is the same as for a three-node cluster: two nodes must be available.
+Tiebreakers are used in distributed clusters to avoid cases of [split brain](https://en.wikipedia.org/wiki/Split-brain_(computing)), where an {{es}} cluster splits into multiple, autonomous parts that continue to handle requests independently of each other, at the risk of affecting cluster consistency and data loss. A split-brain scenario is avoided by making sure that a minimum number of [master-eligible nodes](elasticsearch://reference/elasticsearch/configuration-reference/node-settings.md#master-node) must be present in order for any part of the cluster to elect a master node and accept user requests. To prevent multiple parts of a cluster from being eligible, there must be a [quorum-based majority](/deploy-manage/distributed-architecture/discovery-cluster-formation/modules-discovery-quorums.md) of `(n/2)+1` nodes, where `n` is the number of master-eligible nodes in the cluster. The minimum number of master nodes to reach quorum in a two-node cluster is the same as for a three-node cluster: two nodes must be available.
 
 When you create a cluster with nodes in two availability zones when a third zone is available, ECE can create a tiebreaker in the third availability zone to help establish quorum in case of loss of an availability zone. The extra tiebreaker node that helps to provide quorum does not have to be a full-fledged and expensive node, as it does not hold data. For example: By tagging allocators hosts in ECE, can you create a cluster with eight nodes each in zones `ece-1a` and `ece-1b`, for a total of 16 nodes, and one tiebreaker node in zone `ece-1c`. This cluster can lose any of the three availability zones whilst maintaining quorum, which means that the cluster can continue to process user requests, provided that there is sufficient capacity available when an availability zone goes down.
 
-By default, each node in an {{es}} cluster is a master-eligible node and a data node. In larger clusters, such as production clusters, it’s a good practice to split the roles, so that master nodes are not handling search or indexing work. When you create a cluster, you can specify to use dedicated [master-eligible nodes](asciidocalypse://docs/elasticsearch/docs/reference/elasticsearch/configuration-reference/node-settings.md#master-node), one per availability zone.
+By default, each node in an {{es}} cluster is a master-eligible node and a data node. In larger clusters, such as production clusters, it’s a good practice to split the roles, so that master nodes are not handling search or indexing work. When you create a cluster, you can specify to use dedicated [master-eligible nodes](elasticsearch://reference/elasticsearch/configuration-reference/node-settings.md#master-node), one per availability zone.
 
 ::::{warning}
 Clusters that only have two or fewer master-eligible node are not [highly available](/deploy-manage/production-guidance/availability-and-resilience.md) and are at risk of data loss. You must have [at least three master-eligible nodes](/deploy-manage/distributed-architecture/discovery-cluster-formation/modules-discovery-quorums.md).