elastic · eedugon · Mar 14, 2025 · Feb 25, 2025 · Feb 25, 2025 · Feb 26, 2025
@@ -11,7 +11,7 @@ mapped_urls:
 
 {{ece}} (ECE) is an Elastic self-managed solution for deploying, orchestrating, and managing {{es}} clusters at scale. It provides a centralized platform that allows organizations to run {{es}}, {{kib}}, and other {{stack}} components across multiple machines.
 
-ECE evolves from the Elastic hosted Cloud SaaS offering into a standalone product. You can deploy ECE on public or private clouds, virtual machines, or your own premises.
+ECE evolves from the [{{ech}}](./elastic-cloud.md) offering into a standalone product. You can deploy ECE on public or private clouds, virtual machines, or your own premises.
 
 With {{ece}}, you can:
 
@@ -51,7 +51,7 @@ The section covers the following tasks:
 * [Work with deployments](./cloud-enterprise/working-with-deployments.md)
   - Use [](./cloud-enterprise/deployment-templates.md) to [](./cloud-enterprise/create-deployment.md)
   - [](./cloud-enterprise/customize-deployment.md)
-  - Use the deployment [Cloud ID](./cloud-enterprise/find-cloud-id.md) and [Endpoint URLs](./cloud-enterprise/find-endpoint-url.md) for clients connection
+  - [Connect your applications to {{es}}](./cloud-enterprise/connect-elasticsearch.md)
 
 * Learn about [](./cloud-enterprise/tools-apis.md) that you can use with ECE
 

@@ -1,8 +1,19 @@
+---
+applies_to:
+  deployment:
+    ece: all
+mapped_pages:
+  - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-access-kibana.html
+  - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-manage-kibana.html
+---
+
 # Access Kibana [ece-access-kibana]
 
-Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices. The use of Kibana is included with your subscription.
+Kibana is an open source analytics and visualization platform designed to search, view, and interact with data stored in Elasticsearch indices.
 
-For new Elasticsearch clusters, we automatically create a Kibana instance for you.
+::::{tip} 
+Most deployment templates include a Kibana instance, but if it wasn’t part of the initial deployment you can [](./customize-deployment.md) and add {{kib}}.
+::::
 
 To access Kibana:
 
@@ -11,7 +22,7 @@ To access Kibana:
 
     Narrow the list by name, ID, or choose from several other filters. To further define the list, use a combination of filters.
 
-3. Under **Applications**, select the Kibana **Launch** link and wait for Kibana to open.
+3. Under **Applications**, select the Kibana **Open** link and wait for Kibana to open.
 
     ::::{note} 
     Both ports 443 and 9243 can be used to access Kibana. SSO only works with 9243 on older deployments, where you will see an option in the Cloud UI to migrate the default to port 443. In addition, any version upgrade will automatically migrate the default port to 443.
@@ -23,11 +34,9 @@ To access Kibana:
     * Log in with the `elastic` superuser. The password was provided when you created your cluster or [can be reset](../../../deploy-manage/users-roles/cluster-or-deployment-auth/built-in-users.md).
     * Log in with any users you created in Kibana already.
 
+    ::::{tip} 
+    On AWS and not able to access Kibana? [Check if you need to update your endpoint URL first](../../../troubleshoot/deployments/cloud-enterprise/common-issues.md#ece-aws-private-ip).
+    ::::
 
 In production systems, you might need to control what Elasticsearch data users can access through Kibana, so you need create credentials that can be used to access the necessary Elasticsearch resources. This means granting read access to the necessary indexes, as well as access to update the `.kibana` index.
 
-::::{tip} 
-If your cluster didn’t include a Kibana instance initially, there might not be a Kibana endpoint URL shown, yet. To gain access, all you need to do is [enable Kibana first](../../../deploy-manage/maintenance.md).
-::::
-
-
@@ -1,4 +1,5 @@
 ---
+navigation_title: Configure plugins and extensions
 applies_to:
   deployment:
     ece:

@@ -1,4 +1,7 @@
 ---
+applies_to:
+  deployment:
+    ece: all
 mapped_pages:
   - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-advanced-configuration.html
 ---

@@ -8,45 +8,36 @@ mapped_pages:
 
 # Change endpoint URLs [ece-administering-endpoints]
 
-For applications without SSL or HTTPS protocol support, you can use a local endpoint with the HTTP protocol, which in turn connects to your Elasticsearch cluster or to Kibana either using the HTTP or the HTTPS protocol.
+{{es}} and {{kib}} endpoint URLs are constructed using the `CLUSTER_ID` of the component ({{es}} or {{kib}}), and the domain name (`CNAME`) configured in the **Deployment Endpoints** section of the **Platform > Settings** UI.
 
-By default, cluster and Kibana endpoint URLs are constructed according to the following pattern, where `CLUSTER_ID` and `LOCAL_HOST_IP` are values that depend on your specific installation:
+By default, the deployments `CNAME` is set to `LOCAL_HOST_IP.ip.es.io`, where `LOCAL_HOST_IP` is the IP address of the first installed ECE host. This results in the following default endpoint URLs:
 
 ```sh
 http://CLUSTER_ID.LOCAL_HOST_IP.ip.es.io:9200
 https://CLUSTER_ID.LOCAL_HOST_IP.ip.es.io:9243
 ```
 
-For example:
-
-```sh
-http://2882c82e54d4361.us-west-5.aws.found.io:9200
-https://2882c82e54d4361.us-west-5.aws.found.io:9243
-```
-
-::::{tip}
-To find your endpoints, select a deployment review the information on the **Elasticsearch** and **Kibana** pages.
+::::{important}
+If your application does not support HTTPS, you can connect to the HTTP endpoint on port 9200. However, for security reasons, it is recommended to use **HTTPS (9243)** whenever possible.
 ::::
 
 To change endpoints in the Cloud UI:
 
 1. [Log into the Cloud UI](log-into-cloud-ui.md).
 2. From the **Platform** menu, select **Settings**.
-3. Specify the deployment domain name value for your cluster and Kibana endpoints.
+3. Specify the deployment domain name (`CNAME`) value for your cluster and Kibana endpoints.
 4. Select **Update Deployment endpoints**. The new endpoint becomes effective immediately.
 
+To find your deployment endpoints, select a deployment and review the information on the **Elasticsearch** and **Kibana** pages.
+
 ::::{tip}
 If you install Elastic Cloud Enterprise on AWS, you likely need to modify the cluster endpoint. To learn more, check [Endpoint URLs Inaccessible on AWS](../../../troubleshoot/deployments/cloud-enterprise/common-issues.md#ece-aws-private-ip).
 ::::
 
-
 ::::{tip}
 If you have an App Search instance, after specifying a new deployment domain name value you need to reapply the App Search [cluster configuration](advanced-cluster-configuration.md), either with or without any changes.
 ::::
 
-
 ::::{note}
 The built-in Proxy Certificate only validates against the default endpoint format described on this page. Once you change it, it is necessary to upload a new Proxy Certificate as described in [Manage security certificates](/deploy-manage/security/secure-your-elastic-cloud-enterprise-installation/manage-security-certificates.md). For test only, clients can be configured with hostname verification disabled until the new certificate is uploaded.
 ::::
-
-
@@ -6,7 +6,7 @@ mapped_pages:
   - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-configuring-ece-templates.html
 ---
 
-# Configure deployment templates [ece-configuring-ece-templates]
+# Manage deployment templates [ece-configuring-ece-templates]
 
 Deployment templates combine components of the Elastic Stack, such as Elasticsearch nodes and Kibana instances, for different use cases. Compared to a one-size-fits-all approach to deploying the Elastic Stack, templates provide much greater flexibility and ensure that your deployments have the resources they need to support your use cases. To make the most of deployment templates, you must configure ECE for them.
 

@@ -0,0 +1,44 @@
+---
+navigation_title: Configure
+applies_to:
+  deployment:
+    ece: all
+mapped_pages:
+  - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-change-deployment.html
+---
+
+% document scope: introduction to deployment configuration use cases
+
+# Configure your deployment [ece-change-deployment]
+
+You might want to change the configuration of your deployment to:
+
+* Add features, such as machine learning or APM (application performance monitoring).
+* Increase or decrease capacity by changing the amount of reserved memory and storage for different parts of your deployment.
+* Enable [autoscaling](/deploy-manage/autoscaling/autoscaling-in-ece-and-ech.md) so that the available resources for deployment components, such as data tiers and machine learning nodes, adjust automatically as the demands on them change over time.
+* Enable [high availability](./ece-ha.md), also known as fault tolerance, by adjusting the number of availability zones that parts of your deployment run on.
+* Upgrade to new versions of {{es}}. You can upgrade from one major version to another, such as from 6.8.23 to 7.17.27, or from one minor version to another, such as 6.1 to 6.2. You can’t downgrade versions.
+* Change what plugins or custom bundles are available on your {{es}} cluster.
+* Change {{es}}, {{kib}}, or other stack application YML configuration settings.
+
+For single availability zone deployments, there is downtime to portions of your cluster when changes are applied. For HA deployments and with the exception of major version upgrades, we can perform all these changes without interrupting your deployment. During the application of these changes, you can continue to search and index.
+
+When updating an existing deployment, you can make multiple changes in a single configuration update. For example, you increase memory and storage, upgrade minor versions, adjust the number of plugins, and adjust fault tolerance by changing the number of availability zones—all in one action.
+
+::::{note}
+When applying changes, existing data may be migrated to new nodes. For clusters containing large amounts of data, this migration can take some time, especially if your deployment is under a heavy workload. Refer to [Configuration strategies](./customize-deployment.md#configuration-strategies) to learn about the different ways ECE applies changes.
+::::
+
+## Preparing a deployment for production [ece-prepare-production]
+
+To make sure you’re all set for production, consider the following actions:
+
+* [](./customize-deployment.md): Learn how to change your deployment architecture, configure resources, autoscaling, data tiers, and other {{stack}} components, from the **Edit** deployment view.
+* [](./edit-stack-settings.md): Add, remove, or update {{es}} or {{kib}} YML configuration settings.
+* [](./resize-deployment.md): Considerations when scaling deployments.
+* [](./add-plugins.md): Enable or disable plugins from the list of available extensions in ECE.
+* [](./add-custom-bundles-plugins.md): Add custom plugins or external configuration files to your {{es}} instances.
+* [](./ece-regional-deployment-aliases.md): Configure custom aliases to create predictable and human-readable URLs for your {{stack}} components, making them easier to share and use.
+* [](./resource-overrides.md): Temporary extend cluster capacity to improve stability.
+
+Refer to [](./working-with-deployments.md) for additional actions and configurable features for your deployments, such as snapshots, secure settings, and monitoring.
@@ -0,0 +1,114 @@
+---
+navigation_title: Connect to Elasticsearch
+applies_to:
+  deployment:
+    ece: all
+mapped_pages:
+  - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-cloud-id.html
+  - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-connect.html
+---
+
+# Connect to Elasticsearch [ece-connect]
+
+This section explains how to connect client applications to an {{es}} deployment running on ECE. You can use the [endpoint URL](#ece-connect-endpoint) available in the deployment UI, or the [Cloud ID](#ece-cloud-id) for a simplified setup with compatible clients such as Beats and Logstash.
+
+% TBD - not sure if this is totally accurate
+% {{ece}} clusters running on ECE only support connections over **HTTP/HTTPS** through the RESTful API. Direct connections to the transport port are not supported.
+
+To successfully connect to a deployment, you need both the connection details and valid authentication credentials for an authorized user in the target deployment. For more details on authentication and authorization mechanisms in ECE, refer to [Users and roles](../../users-roles.md#orchestrator-level).
+
+## Connect Using the Endpoint URL [ece-connect-endpoint]
+
+To connect to your {{es}} cluster, copy the **{{es}} endpoint** from the deployment page in the [Cloud UI](./log-into-cloud-ui.md).
+
+::::{important}
+Application endpoints in ECE are generated based on the domain name configured in **Platform > Settings**. To learn how to modify these endpoints, refer to [Change endpoint URLs](./change-endpoint-urls.md).
+::::
+
+Once you have the endpoint, use it in your client application. To test connectivity, you can:
+* Open the endpoint in your browser and enter authentication details when prompted.
+* Modify the following `curl` example to fit your environment by replacing the URL and proxy CA certificate with your own values.
+
+  ```sh
+  curl --cacert /path/to/elastic-ece-ca-cert.pem -u elastic https://f76e96da2a7f4d3f8f3ee25d686b879c.HOST-IP-ADDRESS.ip.es.io:9243
+  {
+    "name" : "instance-0000000000",
+    "cluster_name" : "f76e96da2a7f4d3f8f3ee25d686b879c",
+    "cluster_uuid" : "w2SXqdACQCy5AAixXRxeXg",
+    "version" : {
+      "number" : "8.17.3",
+      "build_flavor" : "default",
+      "build_type" : "docker",
+      "build_hash" : "a091390de485bd4b127884f7e565c0cad59b10d2",
+      "build_date" : "2025-02-28T10:07:26.089129809Z",
+      "build_snapshot" : false,
+      "lucene_version" : "9.12.0",
+      "minimum_wire_compatibility_version" : "7.17.0",
+      "minimum_index_compatibility_version" : "7.0.0"
+    },
+    "tagline" : "You Know, for Search"
+  }
+  ```
+
+  The previous example authenticates to the cluster using the default `elastic` user. For more information on authentication and authorization in {{es}}, refer to [](../../users-roles.md).
+
+  ::::{note}
+  When connecting to {{es}}, you can use one of the following ports:
+  * Port 9243 – Secure HTTPS (**recommended**).
+  * Port 9200 – Plaintext HTTP (**not recommended**).
+  ::::
+
+## Connect using Cloud ID [ece-cloud-id]
+
+The Cloud ID reduces the number of steps required to start sending data from [Beats](https://www.elastic.co/guide/en/beats/libbeat/current/index.html) or [Logstash](https://www.elastic.co/guide/en/logstash/current/index.html) to your hosted {{es}} cluster on ECE, by assigning a unique ID to your cluster.
+
+::::{note}
+Connections through Cloud IDs are only supported in Beats and Logstash.
+::::
+
+
+Cloud IDs are available in every deployment page, as showed below:
+
+:::{image} ../../../images/cloud-enterprise-ec-ce-cloud-id.png
+:alt: The Cloud ID and `elastic` user information shown when you create a deployment
+:::
+
+Include this ID along with your user credentials (defined in `cloud.auth`) in your Beat or Logstash configuration. ECE will handle the remaining connection details, ensuring secure data transfer to your hosted cluster.
+
+### Before you begin [ece_before_you_begin_16]
+
+To use the Cloud ID, you need:
+
+* A deployment with an {{es}} cluster to send data to.
+* Beats or Logstash, installed locally wherever you want to send data from.
+* To configure Beats or Logstash, you need:
+    * The unique Cloud ID for your deployment, available from the deployment overview page.
+    * A user ID and password that has permission to send data to your {{es}} cluster.
+
+::::{important}
+        In our examples, we use the `elastic` superuser that every {{es}} cluster comes with. The password for the `elastic` user is provided when you create a deployment (and can also be [reset](../../users-roles/cluster-or-deployment-auth/built-in-users.md) if you forget it). On a production system, you should adapt these examples by creating a user that can write to and access only the minimally required indices. For each Beat, review the specific feature and role table, similar to the one in [Metricbeat](asciidocalypse://docs/beats/docs/reference/metricbeat/feature-roles.md) documentation.
+::::
+
+### Configure Beats with your Cloud ID [ece-cloud-id-beats]
+
+The following example shows how you can send operational data from Metricbeat to a new ECE deployment by using the Cloud ID. While this example uses Metricbeat, the same approach applies to other Beats.
+
+::::{tip}
+For others, you can learn more about [getting started](asciidocalypse://docs/beats/docs/reference/index.md) with each Beat.
+::::
+
+To get started with Metricbeat and {{ece}}:
+
+1. [Log into the Cloud UI](log-into-cloud-ui.md).
+2. [Create a new deployment](create-deployment.md) and copy down the password for the `elastic` user.
+3. On the deployment overview page, copy down the Cloud ID.
+4. Set up the Beat of your choice, such as [Metricbeat](asciidocalypse://docs/beats/docs/reference/metricbeat/metricbeat-installation-configuration.md).
+5. [Configure the Beat output to send to Elastic Cloud](asciidocalypse://docs/beats/docs/reference/metricbeat/configure-cloud-id.md).
+
+    ::::{note}
+    Make sure you replace the values for `cloud.id` and `cloud.auth` with your own information.
+    ::::
+
+6. Open Kibana and explore!
+
+Metricbeat creates a data view (formerly *index pattern*) with defined fields, searches, visualizations, and dashboards that you can start exploring in Kibana. Look for information related to system metrics, such as CPU usage, utilization rates for memory and disk, and details for processes.