elastic-mgmt | osearch-mgmt | elastic-mgmt-users | osearch-mgmt-users | elastic-mgmt-mapping
create a dedicated role for pushing logs to data-streams
security / roles / create role logs-role # cluster perms create_index indices:admin/auto_create indices:admin/create indices:admin/data_stream/create write index permissions: logs-* # index perms create_index indices:admin/auto_create indices:admin/create indices:admin/data_stream/create write
and don’t forget to map some dedicated app/env user to that role