[DOCS] Replace CONFIG_DIR with ES_PATH_CONF (#31635)

docs/reference/settings/security-settings.asciidoc

@@ -333,7 +333,7 @@ role mappings are not considered. Defaults to `false`.
 `files.role_mapping`::
 The {xpack-ref}/security-files.html[location] for the {xpack-ref}/mapping-roles.html#mapping-roles[
 YAML role mapping configuration file]. Defaults to
-`CONFIG_DIR/role_mapping.yml`.
+`ES_PATH_CONF/role_mapping.yml`.
 
 `follow_referrals`::
 Specifies whether {security} should follow referrals returned
@@ -499,7 +499,7 @@ considered. Defaults to `false`.
 
 `files.role_mapping`::
 The {xpack-ref}/security-files.html[location] for the YAML
-role mapping configuration file. Defaults to `CONFIG_DIR/role_mapping.yml`.
+role mapping configuration file. Defaults to `ES_PATH_CONF/role_mapping.yml`.
 
 `user_search.base_dn`::
 The context to search for a user. Defaults to the root
@@ -724,7 +724,7 @@ for SSL. This setting cannot be used with `certificate_authorities`.
 `files.role_mapping`::
 Specifies the {xpack-ref}/security-files.html[location] of the
 {xpack-ref}/mapping-roles.html[YAML role mapping configuration file].
-Defaults to `CONFIG_DIR/role_mapping.yml`.
+Defaults to `ES_PATH_CONF/role_mapping.yml`.
 
 `cache.ttl`::
 Specifies the time-to-live for cached user entries. A user and a hash of its 

x-pack/docs/en/security/auditing/output-logfile.asciidoc

@@ -47,7 +47,7 @@ audited in plain text when including the request body in audit events.
 
 [[logging-file]]
 You can also configure how the logfile is written in the `log4j2.properties`
-file located in `CONFIG_DIR`. By default, audit information is appended to the
+file located in `ES_PATH_CONF`. By default, audit information is appended to the
 `<clustername>_access.log` file located in the standard Elasticsearch `logs` directory
 (typically located at `$ES_HOME/logs`). The file rolls over on a daily basis.
 

x-pack/docs/en/security/authentication/configuring-file-realm.asciidoc

@@ -5,7 +5,7 @@
 You can manage and authenticate users with the built-in `file` internal realm. 
 All the data about the users for the `file` realm is stored in two files on each 
 node in the cluster: `users` and `users_roles`. Both files are located in 
-`CONFIG_DIR/` and are read on startup.
+`ES_PATH_CONF` and are read on startup.
 
 [IMPORTANT]
 ==============================
@@ -50,7 +50,7 @@ xpack:
 
 . Restart {es}.
 
-. Add user information to the `CONFIG_DIR/users` file on each node in the 
+. Add user information to the `ES_PATH_CONF/users` file on each node in the 
 cluster. 
 +
 --
@@ -76,7 +76,7 @@ IMPORTANT: As the administrator of the cluster, it is your responsibility to
 
 --
 
-. Add role information to the `CONFIG_DIR/users_roles` file on each node 
+. Add role information to the `ES_PATH_CONF/users_roles` file on each node 
 in the cluster. 
 +
 --

x-pack/docs/en/security/authentication/configuring-ldap-realm.asciidoc

@@ -56,7 +56,7 @@ xpack:
  group_search:
  base_dn: "dc=example,dc=com"
  files:
- role_mapping: "CONFIG_DIR/role_mapping.yml"
+ role_mapping: "ES_PATH_CONF/role_mapping.yml"
  unmapped_groups_as_roles: false
 ------------------------------------------------------------
 

x-pack/docs/en/security/authorization/managing-roles.asciidoc

@@ -137,7 +137,7 @@ see {ref}/security-api-roles.html[Role Management APIs].
 === File-based role management
 
 Apart from the _Role Management APIs_, roles can also be defined in local
-`roles.yml` file located in `CONFIG_DIR`. This is a YAML file where each
+`roles.yml` file located in `ES_PATH_CONF`. This is a YAML file where each
 role definition is keyed by its name.
 
 [IMPORTANT]

x-pack/docs/en/security/reference/files.asciidoc

@@ -1,23 +1,23 @@
 [[security-files]]
 === Security Files
 
-The {security} uses the following files:
+{security} uses the following files:
 
-* `CONFIG_DIR/roles.yml` defines the roles in use on the cluster
+* `ES_PATH_CONF/roles.yml` defines the roles in use on the cluster
  (read more <<roles-management-file, here>>).
 
-* `CONFIG_DIR/elasticsearch-users` defines the users and their hashed passwords for
+* `ES_PATH_CONF/elasticsearch-users` defines the users and their hashed passwords for
  the <<file-realm,`file` realm>>.
 
-* `CONFIG_DIR/elasticsearch-users_roles` defines the user roles assignment for the
+* `ES_PATH_CONF/elasticsearch-users_roles` defines the user roles assignment for the
  the <<file-realm, `file` realm>>.
 
-* `CONFIG_DIR/role_mapping.yml` defines the role assignments for a
+* `ES_PATH_CONF/role_mapping.yml` defines the role assignments for a
  Distinguished Name (DN) to a role. This allows for LDAP and Active Directory
  groups and users and PKI users to be mapped to roles (read more
  <<mapping-roles, here>>).
 
-* `CONFIG_DIR/log4j2.properties` contains audit information (read more
+* `ES_PATH_CONF/log4j2.properties` contains audit information (read more
  <<logging-file, here>>).
 
 [[security-files-location]]

x-pack/docs/en/security/securing-communications/tls-ad.asciidoc

@@ -37,7 +37,7 @@ xpack:
  domain_name: ad.example.com
  url: ldaps://ad.example.com:636
  ssl:
- certificate_authorities: [ "CONFIG_DIR/cacert.pem" ]
+ certificate_authorities: [ "ES_PATH_CONF/cacert.pem" ]
 --------------------------------------------------
 
 The CA cert must be a PEM encoded certificate.

x-pack/docs/en/security/securing-communications/tls-ldap.asciidoc

@@ -29,7 +29,7 @@ xpack:
  order: 0
  url: "ldaps://ldap.example.com:636"
  ssl:
- certificate_authorities: [ "CONFIG_DIR/cacert.pem" ]
+ certificate_authorities: [ "ES_PATH_CONF/cacert.pem" ]
 --------------------------------------------------
 
 The CA certificate must be a PEM encoded.

x-pack/docs/en/security/troubleshooting.asciidoc

@@ -125,7 +125,7 @@ The role definition might be missing or invalid.
 |======================
 
 To help track down these possibilities, add the following lines to the end of
-the `log4j2.properties` configuration file in the `CONFIG_DIR`:
+the `log4j2.properties` configuration file in the `ES_PATH_CONF`:
 
 [source,properties]
 ----------------