create a dedicated role for pushing logs to data-streams
stack mgmt // roles name: logs-role indices: logs-* privileges: auto_configure, create_doc stack mgmt // users name: logs-user roles: logs-role
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/defining-roles.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/built-in-roles.html
https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-privileges.html