(DOCSP-23247): Fix URL structures (#1255)

* (DOCSP-23247): Fix URL structures

* adjust refs to fix build errors

* review feedback

Author: jeff-allen-mongo

config/redirects

@@ -2012,6 +2012,8 @@ raw: ${prefix}/${version}/applications/drivers -> ${base}/drivers/
 (v5.3-*]: ${prefix}/${version}/tutorial/manage-client-side-encryption-data-keys -> ${base}/${version}/core/csfle/fundamentals/manage-keys
 (v5.3-*]: ${prefix}/${version}/reference/security-client-side-encryption-limitations -> ${base}/${version}/core/csfle/reference/limitations
 (v5.3-*]: ${prefix}/${version}/reference/security-client-side-query-aggregation-support -> ${base}/${version}/core/csfle/reference/supported-operations
+(v5.3-*]: ${prefix}/${version}/reference/security-client-side-encryption -> ${base}/${version}/core/csfle
+(v5.3-*]: ${prefix}/${version}/core/queryable-encryption/queryable-encryption/ -> ${base}/${version}/core/queryable-encryption
 
 # CSFLE Cleanup Redirects for versions 5.3 and earlier
 
@@ -2037,3 +2039,4 @@ raw: ${prefix}/${version}/applications/drivers -> ${base}/drivers/
 [*-v5.3]: ${prefix}/${version}/core/csfle/reference/cryptographic-primitives/ -> ${base}/${version}/core/security-client-side-encryption
 [*-v5.3]: ${prefix}/${version}/core/csfle/reference/cryptographic-primitives/ -> ${base}/${version}/core/security-client-side-encryption
 [*-v5.3]: ${prefix}/${version}/core/csfle/reference/mongocryptd/ -> ${base}/${version}/reference/security-client-side-encryption-appendix/
+[*-v5.3]: ${prefix}/${version}/core/queryable-encryption -> ${base}/${version}/core/security-client-side-encryption

snooty.toml

@@ -47,6 +47,7 @@ toc_landing_pages = [
    "/core/authorization",
    "/core/backups",
    "/core/crud",
+   "/core/csfle",
    "/core/csfle/fundamentals/",
    "/core/csfle/reference",
    "/core/csfle/tutorials",
@@ -67,11 +68,8 @@ toc_landing_pages = [
    "/core/replica-set-high-availability",
    "/core/replica-set-members",
    "/core/replica-set-secondary",
-   "/core/security-automatic-client-side-encryption",
-   "/core/security-client-side-encryption-key-management",
-   "/core/security-client-side-encryption",
    "/core/security-encryption-at-rest",
-   "/core/queryable-encryption/queryable-encryption/",
+   "/core/queryable-encryption/",
    "/core/queryable-encryption/fundamentals/",
    "/core/queryable-encryption/tutorials/",
    "/core/queryable-encryption/reference/",

source/administration/security-checklist.txt

@@ -96,7 +96,7 @@ Pre-production Checklist/Considerations
   MongoDB data using file-system permissions. MongoDB data includes data
   files, configuration files, auditing logs, and key files.
 
-- You can use :doc:`/core/security-client-side-encryption` to encrypt
+- You can use :ref:`manual-csfle-feature` to encrypt
   fields in documents application-side prior to transmitting data over
   the wire to the server.
 

source/core/security-client-side-encryption.txt renamed to source/core/csfle.txt

@@ -26,7 +26,7 @@ Before you can use {+csfle-abbrev+}, you must set up the following items
 in your development environment:
 
 - Install :manual:`MongoDB Enterprise Edition version 4.2 or later </installation/#mongodb-enterprise-edition-installation-tutorials>`.
-- Install a :manual:`MongoDB Driver Compatible with CSFLE </core/security-client-side-encryption/#driver-compatibility-table>`.
+- Install a :ref:`MongoDB Driver Compatible with CSFLE <csfle-driver-compatibility>`.
 - Install `OpenSSL <https://www.openssl.org/source/>`__ *optional*.
 - Start a
   :manual:`MongoDB instance </tutorial/manage-mongodb-processes/#start-mongod-processes>`

source/core/csfle/install.txt

@@ -31,8 +31,8 @@ randomized encryption, while maintaining equality queryability.
 Sensitive data is transparently encrypted and decrypted by the client
 and only communicated to and from the server in encrypted form.
 
-Unlike :manual:`Client-Side Field Level Encryption </core/security-client-side-encryption>`
-that can use :manual:`Deterministic Encryption </core/security-client-side-encryption#deterministic-encryption>`,
+Unlike :ref:`Client-Side Field Level Encryption <manual-csfle-feature>`
+that can use :ref:`Deterministic Encryption <csfle-deterministic-encryption>`,
 {+qe+} uses fast, searchable encryption schemes that always encrypt a
 given input value to a different encrypted output value.
 

source/core/queryable-encryption/queryable-encryption.txt renamed to source/core/queryable-encryption.txt

@@ -185,7 +185,7 @@ per-document basis within the application layer.
 
    MongoDB 4.2-series drivers provides a client-side field level
    encryption framework. For more information, see
-   :doc:`/core/security-client-side-encryption`.
+   :ref:`manual-csfle-feature`.
 
 To encrypt full documents, write custom encryption and decryption
 routines or use a commercial solution.

source/core/queryable-encryption/features.txt

@@ -11,5 +11,5 @@ In-Use Encryption
 .. toctree::
    :titlesonly:
 
-   /core/queryable-encryption/queryable-encryption
-   /core/security-client-side-encryption
+   /core/queryable-encryption
+   /core/csfle

source/core/security-encryption-at-rest.txt

@@ -26,7 +26,7 @@ The following features are not supported for
 
 * :atlas:`Atlas Search </atlas-search>`
 * :doc:`Change streams </changeStreams>`
-* :doc:`Client-side field level encryption </core/security-client-side-encryption>`
+* :ref:`{+csfle+} <manual-csfle-feature>`
 * :realm:`Database Triggers </triggers/database-triggers>`
 * :realm:`GraphQL API </graphql>`
 * :realm:`Realm Sync </sync>`

source/core/security-in-use-encryption.txt

@@ -40,7 +40,7 @@ content: |
   .. warning::
 
      Do not drop the unique index created by :method:`getKeyVault()`.
-     Client-side field level encryption operations depend on
+     {+csfle+} operations depend on
      server-enforced uniqueness of ``keyAltNames``. Removing the index
      may lead to unexpected or unpredictable behavior.
      
@@ -131,4 +131,4 @@ content: |
      4.2.1 legacy :binary:`~bin.mongo` shell do not support the AWS KMS
      service due to an unexpected change in the KMS response object.
      See :issue:`SERVER-44721` for more information.
-...
+...

source/core/timeseries/timeseries-limitations.txt

@@ -108,7 +108,7 @@ content: |
 
   .. important::
 
-     Client-side field level encryption depends on server-enforced
+     {+csfle+} depends on server-enforced
      uniqueness of key alternate names. :method:`getKeyVault()`
      creates a :ref:`unique index <index-type-unique>` on 
      ``keyAltNames`` if one does not exist. Do **not** drop the

source/includes/extracts-client-side-field-level-encryption.yaml

@@ -42,7 +42,7 @@ content: |
   Add Key Alternate Name
     .. important::
 
-       Client-side field level encryption depends on server-enforced
+       {+csfle+} depends on server-enforced
        uniqueness of key alternate names. Validate that a unique
        index exists on ``keyAltNames`` **prior** to adding a new
        key alternate name. If the unique index was dropped, you *must* 

source/includes/steps-csfle-shell-aws-create-key.yaml

@@ -107,7 +107,7 @@ content: |
 
   .. important::
 
-     Client-side field level encryption depends on server-enforced
+     {+csfle+} depends on server-enforced
      uniqueness of key alternate names. :method:`getKeyVault()`
      creates a :ref:`unique index <index-type-unique>` on 
      ``keyAltNames`` if one does not exist. Do **not** drop the

source/includes/steps-csfle-shell-aws-manage-key-altname.yaml

@@ -42,7 +42,7 @@ content: |
   Add Key Alternate Name
     .. important::
 
-       Client-side field level encryption depends on server-enforced
+       {+csfle+} depends on server-enforced
        uniqueness of key alternate names. Validate that a unique
        index exists on ``keyAltNames`` **prior** to adding a new
        key alternate name. If the unique index was dropped, you *must* 

source/includes/steps-csfle-shell-azure-create-key.yaml

@@ -104,7 +104,7 @@ content: |
 
   .. important::
 
-     Client-side field level encryption depends on server-enforced
+     {+csfle+} depends on server-enforced
      uniqueness of key alternate names. :method:`getKeyVault()`
      creates a :ref:`unique index <index-type-unique>` on 
      ``keyAltNames`` if one does not exist. Do **not** drop the

source/includes/steps-csfle-shell-azure-manage-key-altname.yaml

@@ -42,7 +42,7 @@ content: |
   Add Key Alternate Name
     .. important::
 
-       Client-side field level encryption depends on server-enforced
+       {+csfle+} depends on server-enforced
        uniqueness of key alternate names. Validate that a unique
        index exists on ``keyAltNames`` **prior** to adding a new
        key alternate name. If the unique index was dropped, you *must* 

source/includes/steps-csfle-shell-gcp-create-key.yaml

@@ -119,7 +119,7 @@ content: |
 
   .. important::
 
-     Client-side field level encryption depends on server-enforced
+     {+csfle+} depends on server-enforced
      uniqueness of key alternate names. :method:`getKeyVault()`
      creates a :ref:`unique index <index-type-unique>` on 
      ``keyAltNames`` if one does not exist. Do **not** drop the

source/includes/steps-csfle-shell-gcp-manage-key-altname.yaml

@@ -50,7 +50,7 @@ content: |
   Add Key Alternate Name
     .. important::
 
-       Client-side field level encryption depends on server-enforced
+       {+csfle+} depends on server-enforced
        uniqueness of key alternate names. Validate that a unique
        index exists on ``keyAltNames`` **prior** to adding a new
        key alternate name. If the unique index was dropped, you *must* 

source/includes/steps-csfle-shell-local-create-key.yaml

@@ -147,12 +147,13 @@ Work with your data in MongoDB
 
          .. step:: Encrypt your most sensitive data
 
-            Client-side field level encryption protects data while it is
+            {+csfle+} protects data while it is
             in-use by the database. Fields are encrypted before they
             leave your application, protecting them over the network, in
             memory and at rest.
 
-            :doc:`To learn more, see Client-Side Field Level Encryption </core/security-client-side-encryption>`
+            To learn more, see :ref:`Client-Side Field Level Encryption
+            <manual-csfle-feature>`.
 
       .. image:: /images/security.png
          :alt: MongoDB Security

source/includes/steps-csfle-shell-local-manage-key-altname.yaml

@@ -15,7 +15,7 @@ KeyVault.createDataKey()
 .. method:: KeyVault.createDataKey(keyManagementService, customerMasterKey, ["keyAltName"])
 
    Adds a data encryption key to the key vault associated to the
-   database connection. :ref:`Client-side field level encryption
+   database connection. :ref:`{+csfle+}
    <csfle-guide-intro>` uses data encryption keys
    for supporting encryption and decryption of field values.
 

source/index.txt

@@ -17,9 +17,9 @@ KeyVault.createKey()
 .. method:: KeyVault.createKey(keyManagementService, customerMasterKey, ["keyAltName"])
 
    Adds a data encryption key to the key vault associated to the
-   database connection. :doc:`Client-side field level encryption
-   </core/security-client-side-encryption>` uses data encryption keys
-   for supporting encryption and decryption of field values.
+   database connection. :ref:`{+csfle+}
+   <manual-csfle-feature>` uses data encryption keys for supporting
+   encryption and decryption of field values.
 
    :method:`~KeyVault.createKey()` has the following syntax:
 

source/reference/method/KeyVault.createDataKey.txt

@@ -51,7 +51,7 @@ Description
           .. versionadded:: 4.2
 
           Configuration parameters for enabling
-          :doc:`/core/security-client-side-encryption`.
+          :ref:`manual-csfle-feature`.
 
           ``ClientSideFieldLevelEncryptionOptions`` overrides the
           existing client-side field level encryption configuration of
@@ -75,7 +75,7 @@ Description
 .. versionadded:: 4.2
 
 The ``ClientSideFieldLevelEncryptionOptions`` document specifies
-configuration options for :doc:`/core/security-client-side-encryption`.
+configuration options for :ref:`manual-csfle-feature`.
 If the database connection has an existing client-side field level
 encryption configuration, specifying
 ``ClientSideFieldLevelEncryptionOptions`` overrides that configuration. 
@@ -155,7 +155,7 @@ following parameters:
        field level encryption uses the CMK for encrypting and decrypting
        data encryption keys. 
 
-       Client-side field level encryption supports the following KMS
+       {+csfle+} supports the following KMS
        providers:
 
        - :ref:`Amazon Web Services KMS <field-level-encryption-aws-kms>`

source/reference/method/KeyVault.createKey.txt

@@ -14,11 +14,10 @@ getClientEncryption()
 
 .. method:: getClientEncryption()
 
-   Returns the ``ClientEncryption`` object for the current database collection.
-   The ``ClientEncryption`` object supports explicit (manual) encryption 
-   and decryption of field values for 
-   :doc:`Client-Side field level encryption 
-   </core/security-client-side-encryption>`.
+   Returns the ``ClientEncryption`` object for the current database
+   collection. The ``ClientEncryption`` object supports explicit
+   (manual) encryption and decryption of field values for
+   :ref:`Client-Side field level encryption <manual-csfle-feature>`.
 
    :method:`getClientEncryption()` has the following syntax:
 

source/reference/method/Mongo.txt

@@ -16,8 +16,7 @@ getKeyVault()
 
    Returns the ``KeyVault`` object for the current database connection.
    The ``KeyVault`` object supports data encryption key management for
-   :doc:`Client-side field level encryption
-   </core/security-client-side-encryption>`. 
+   :ref:`{+csfle+} <manual-csfle-feature>`. 
 
    :method:`getKeyVault()` has the following syntax:
 

source/reference/method/getClientEncryption.txt

@@ -933,7 +933,7 @@ Client-Side Field Level Encryption Options
    AWS Key Management Service (KMS). The :program:`mongo` shell uses the specified 
    :option:`--awsAccessKeyId` to access the KMS. 
 
-   :option:`--awsAccessKeyId` is required for enabling :doc:`/core/security-client-side-encryption` 
+   :option:`--awsAccessKeyId` is required for enabling :ref:`manual-csfle-feature` 
    for the :program:`mongo` shell session. :option:`--awsAccessKeyId` requires *all* of the following
    command line options:
 
@@ -953,7 +953,7 @@ Client-Side Field Level Encryption Options
    An AWS `Secret Key <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html>`__
    associated to the specified :option:`--awsAccessKeyId`.
 
-   :option:`--awsSecretAccessKey` is required for enabling :doc:`/core/security-client-side-encryption` 
+   :option:`--awsSecretAccessKey` is required for enabling :ref:`manual-csfle-feature` 
    for the :program:`mongo` shell session. :option:`--awsSecretAccessKey` requires *all* of the following
    command line options:
 
@@ -973,7 +973,7 @@ Client-Side Field Level Encryption Options
    An AWS `Session Token <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html>`__
    associated to the specified :option:`--awsAccessKeyId`.
 
-   :option:`--awsSessionToken` is required for enabling :doc:`/core/security-client-side-encryption` 
+   :option:`--awsSessionToken` is required for enabling :ref:`manual-csfle-feature` 
    for the :program:`mongo` shell session. :option:`--awsSessionToken` requires *all* of the following
    command line options:
 
@@ -992,7 +992,7 @@ Client-Side Field Level Encryption Options
 
 
    The full namespace (``<database>.<collection>``) of the collection used as a
-   key vault for :doc:`/core/security-client-side-encryption`. :option:`--keyVaultNamespace` is
+   key vault for :ref:`manual-csfle-feature`. :option:`--keyVaultNamespace` is
    required for enabling client-side field level encryption. for the :program:`mongo`
    shell session. :program:`mongo` creates the specified namespace if it does not
    exist.
@@ -1455,5 +1455,3 @@ to enclose the JavaScript, using the following form:
    - :doc:`/reference/method`
    - :doc:`/reference/mongo`
    - :method:`isInteractive()`
-
-

source/reference/method/getKeyVault.txt

@@ -990,7 +990,7 @@ Automatic encryption of fields
 
 
 For complete documentation on client-side field level encryption,
-see :doc:`/core/security-client-side-encryption`.
+see :ref:`manual-csfle-feature`.
 
 General Security Enhancements
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

source/reference/program/mongo.txt

@@ -766,7 +766,7 @@ Starting in MongoDB 5.0 (and MongoDB 4.4.5), the Google Cloud Platform
 KMS and Azure Key Vault are supported in both :binary:`~bin.mongosh`
 and the legacy :binary:`~bin.mongo` shell as
 :ref:`Key Management Service (KMS) <field-level-encryption-kms>`
-providers for :doc:`/core/security-client-side-encryption`.
+providers for :ref:`manual-csfle-feature`.
 
 Using a KMS, you can centrally and securely store Customer Master Keys
 (CMKs), which are used to encrypt and decrypt data encryption keys as