From a572aa8803bffc3efdf5035be8cd471f62feb2ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edu=20Gonz=C3=A1lez=20de=20la=20Herr=C3=A1n?= <25320357+eedugon@users.noreply.github.com> Date: Fri, 1 Aug 2025 17:37:37 +0200 Subject: [PATCH 1/6] added sections and references in credentials handling in ECK --- .../managed-credentials-eck.md | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md index ffe24d25f5..17b63e0ddd 100644 --- a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md +++ b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md 
@@ -72,3 +72,23 @@ kubectl delete secret -l eck.k8s.elastic.co/credentials=true ::::{warning} This command regenerates auto-generated credentials of **all** {{stack}} applications in the namespace. :::: + +## Creating custom users + +### Native realm + +You can create custom users in the {{es}} native realm using {{es}} user management APIs or {{kib}}. + +Refer to [Native user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/native.md) for more details. + +### File realm + +Custom users can also be created by providing the desired file realm content or a username and password in Kubernetes secrets, referenced in the {{es}} resource. + +Refer to [File-based user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/file-based.md) for extra details and examples. + +## Creating custom roles + +Roles can be specified using the Role management API, or the Role management UI in {{kib}}. Additionally, file-based role management can be achieved by referencing Kubernetes secrets containing the roles specification. + +Refer to [Managing custom roles](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#managing-custom-roles) for details and examples. \ No newline at end of file From 9b7bb06be7d5425b8c10668915ea74ec343a5710 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edu=20Gonz=C3=A1lez=20de=20la=20Herr=C3=A1n?= <25320357+eedugon@users.noreply.github.com> Date: Sat, 2 Aug 2025 06:53:59 +0200 Subject: [PATCH 2/6] Update deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md Co-authored-by: shainaraskas <58563081+shainaraskas@users.noreply.github.com> --- .../cluster-or-deployment-auth/managed-credentials-eck.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md index 17b63e0ddd..e0732794f6 100644 
--- a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md +++ b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md @@ -85,7 +85,7 @@ Refer to [Native user authentication](/deploy-manage/users-roles/cluster-or-depl Custom users can also be created by providing the desired file realm content or a username and password in Kubernetes secrets, referenced in the {{es}} resource. -Refer to [File-based user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/file-based.md) for extra details and examples. +For more information, refer to [File-based user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/file-based.md). ## Creating custom roles From 9527680729f3fecb20c5202d6c6b0b6c0d6bf93d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edu=20Gonz=C3=A1lez=20de=20la=20Herr=C3=A1n?= <25320357+eedugon@users.noreply.github.com> Date: Fri, 8 Aug 2025 11:40:32 +0200 Subject: [PATCH 3/6] updated eck creds --- .../cluster-or-deployment-auth/managed-credentials-eck.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md index e0732794f6..a0f0a86de1 100644 --- a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md +++ b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md @@ -75,6 +75,8 @@ This command regenerates auto-generated credentials of **all** {{stack}} applica ## Creating custom users +{{eck}} provides functionality to facilitate custom user creation through various authentication realms. You can create users using the native realm, file realm, or external authentication methods. + ### Native realm You can create custom users in the {{es}} native realm using {{es}} user management APIs or {{kib}}. 
@@ -87,6 +89,12 @@ Custom users can also be created by providing the desired file realm content or For more information, refer to [File-based user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/file-based.md). +### External authentication realms + +You can also configure external authentication realms such as LDAP, OpenID Connect, or SAML in your ECK deployments by providing the appropriate {{es}} or {{kib}} configuration settings and any required [certificates or configuration files](/deploy-manage/deploy/cloud-on-k8s/custom-configuration-files-plugins.md). + +For more information, refer to [External authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/external-authentication.md). + ## Creating custom roles Roles can be specified using the Role management API, or the Role management UI in {{kib}}. Additionally, file-based role management can be achieved by referencing Kubernetes secrets containing the roles specification. From e37eaf8ce2029bcc10269684a907705ad4cd39a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edu=20Gonz=C3=A1lez=20de=20la=20Herr=C3=A1n?= <25320357+eedugon@users.noreply.github.com> Date: Fri, 8 Aug 2025 11:52:26 +0200 Subject: [PATCH 4/6] added link to ECK users and roles from configure deployments landing page --- deploy-manage/deploy/cloud-on-k8s/configure-deployments.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-manage/deploy/cloud-on-k8s/configure-deployments.md b/deploy-manage/deploy/cloud-on-k8s/configure-deployments.md index e1c0eb65d1..24daff9278 100644 --- a/deploy-manage/deploy/cloud-on-k8s/configure-deployments.md +++ b/deploy-manage/deploy/cloud-on-k8s/configure-deployments.md 
@@ -19,6 +19,8 @@ This section provides details around {{kib}} and {{es}} configuration when runni Additionally, the following topics apply to both {{es}} and {{kib}}, and in some cases, to other applications supported by ECK: +* [**Users and roles**](/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md): Learn how to work with managed credentials, create custom users, and configure authentication realms. + * [**Access services**](accessing-services.md): Learn how to access to the orchestrated clusters and how to adapt the Kubernetes services to your needs. * [**Customize Pods**](customize-pods.md): Learn how to adapt the `podTemplate` field to your needs. From bd8595ca2fd436de31cc919b3dc652f3ba9c355f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edu=20Gonz=C3=A1lez=20de=20la=20Herr=C3=A1n?= <25320357+eedugon@users.noreply.github.com> Date: Fri, 8 Aug 2025 16:22:04 +0200 Subject: [PATCH 5/6] applying Michael's suggestions --- .../managed-credentials-eck.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md index a0f0a86de1..75ae8b91cb 100644 --- a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md +++ b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md 
@@ -36,13 +36,13 @@ kubectl get secret quickstart-es-elastic-user -o go-template='{{.data.elastic | If your prefer to manage all users via SSO, for example using [SAML Authentication](../../../deploy-manage/users-roles/cluster-or-deployment-auth/saml.md) or OpenID Connect, you can disable the default `elastic` superuser by setting the `auth.disableElasticUser` field in the {{es}} resource to `true`: -```yaml +```yaml subs=true apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: elasticsearch-sample spec: - version: 8.16.1 + version: {{version.stack}} auth: disableElasticUser: true nodeSets: 
@@ -77,17 +77,17 @@ This command regenerates auto-generated credentials of **all** {{stack}} applica {{eck}} provides functionality to facilitate custom user creation through various authentication realms. You can create users using the native realm, file realm, or external authentication methods. -### Native realm +### File realm -You can create custom users in the {{es}} native realm using {{es}} user management APIs or {{kib}}. +ECK supports creating users through Kubernetes secrets referenced in the {{es}} resource. These secrets can contain either file realm content or standard authentication credentials with a username and password. -Refer to [Native user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/native.md) for more details. +For more information, refer to [File-based user authentication > Add users](/deploy-manage/users-roles/cluster-or-deployment-auth/file-based.md#add-users), and check the ECK examples. -### File realm +### Native realm -Custom users can also be created by providing the desired file realm content or a username and password in Kubernetes secrets, referenced in the {{es}} resource. +You can create custom users in the {{es}} native realm using {{es}} user management APIs or {{kib}}. -For more information, refer to [File-based user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/file-based.md). +Refer to [Native user authentication](/deploy-manage/users-roles/cluster-or-deployment-auth/native.md) for more details. ### External authentication realms 
@@ -97,6 +97,6 @@ For more information, refer to [External authentication](/deploy-manage/users-ro ## Creating custom roles -Roles can be specified using the Role management API, or the Role management UI in {{kib}}. Additionally, file-based role management can be achieved by referencing Kubernetes secrets containing the roles specification. +ECK facilitates file-based role management through Kubernetes secrets containing the roles specification. Alternatively, you can use the Role management API or the Role management UI in {{kib}}. -Refer to [Managing custom roles](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#managing-custom-roles) for details and examples. \ No newline at end of file +Refer to [Managing custom roles](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#managing-custom-roles) for details and [ECK based examples](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#roles-management-file). \ No newline at end of file From 215c4235231fbd353e57224f481b80b757844558 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edu=20Gonz=C3=A1lez=20de=20la=20Herr=C3=A1n?= <25320357+eedugon@users.noreply.github.com> Date: Fri, 8 Aug 2025 16:27:23 +0200 Subject: [PATCH 6/6] applying Michael's suggestions --- .../cluster-or-deployment-auth/managed-credentials-eck.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md index 75ae8b91cb..c83dab7d3f 100644 --- a/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md +++ b/deploy-manage/users-roles/cluster-or-deployment-auth/managed-credentials-eck.md 
@@ -99,4 +99,4 @@ For more information, refer to [External authentication](/deploy-manage/users-ro ECK facilitates file-based role management through Kubernetes secrets containing the roles specification. Alternatively, you can use the Role management API or the Role management UI in {{kib}}. -Refer to [Managing custom roles](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#managing-custom-roles) for details and [ECK based examples](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#roles-management-file). \ No newline at end of file +Refer to [Managing custom roles](/deploy-manage/users-roles/cluster-or-deployment-auth/defining-roles.md#managing-custom-roles) for details and ECK based examples. \ No newline at end of file
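
Review bot: in PATCH 1/6, hunk @@ -72,3 +72,23 @@, the new last line of managed-credentials-eck.md ends without a trailing newline (the "\ No newline at end of file" marker), and 5/6 and 6/6 rewrite that same line without fixing it. Add the newline in this commit so later edits to the end of the file do not keep showing the last line as changed. The roles paragraph also says secrets are "referenced" without saying from where, while the File realm paragraph says "referenced in the {{es}} resource"; use the same wording in both.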
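
Review bot: in PATCH 2/6, hunk @@ -85,7 +85,7 @@, only the File realm reference is reworded to "For more information, refer to ...", which leaves the Native realm line ("Refer to ... for more details") and the roles line ("Refer to ... for details and examples") from 1/6 in a different pattern. Align all three in this commit. The new wording also drops the mention of examples; if the target page carries them, keep that signal for the reader.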
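
Review bot: in PATCH 3/6, hunk @@ -75,6 +75,8 @@, the new intro says you can "create users using the native realm, file realm, or external authentication methods", but the External authentication realms section added later in this same patch describes configuring LDAP, OpenID Connect, or SAML realms, not creating users. Reword so the sentence separates the two cases, for example creating users in the native or file realm versus authenticating users through an external realm. "provides functionality to facilitate" can also be shortened to "lets you".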
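
Review bot: in PATCH 3/6, hunk @@ -87,6 +89,12 @@, "in your ECK deployments" hard-codes the product name while the intro added by the first hunk of this patch uses the {{eck}} substitution. Pick one form and use it throughout the page. The sentence also says "{{es}} or {{kib}} configuration settings" without indicating which realms need settings on the {{kib}} side; a short qualifier would save readers a trip to the linked page.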
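
Review bot: in PATCH 4/6, hunk @@ -19,6 +19,8 @@, the bullet is titled "Users and roles" but its description lists only managed credentials, custom users, and authentication realms, and omits roles. The linked page has a "Creating custom roles" section (added in 1/6), so add "and roles" to the description, for example "create custom users and roles".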
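
Review bot: in PATCH 5/6, hunk @@ -36,13 +36,13 @@, the context line directly above the changed fence reads "If your prefer to manage all users via SSO"; fix "your" to "you" while this block is being touched. The switch to `yaml subs=true` together with `version: {{version.stack}}` looks consistent, since the substitution would not be applied without the fence attribute.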
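
Review bot: in PATCH 5/6, hunk @@ -77,17 +77,17 @@, the new File realm reference ends with "and check the ECK examples" but gives the reader no target for those examples. Link the specific anchor on file-based.md or drop the clause. The section order is now File realm then Native realm, while the intro sentence kept as context still lists "the native realm, file realm, or external authentication methods"; reorder one of the two so they match.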
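
Review bot: in PATCH 6/6, hunk @@ -99,4 +99,4 @@, removing the `#roles-management-file` link leaves "ECK based examples" as plain text that points nowhere, and the commit subject is identical to 5/6 so it does not say why the anchor was dropped. If the anchor does not exist on defining-roles.md, say so in the commit message and fold the phrase into the remaining link; otherwise keep the link from 5/6. "ECK based" should be hyphenated as "ECK-based".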