Improve documentation page on ES privileges #3355

Open
akeller opened this issue Feb 20, 2024 · 1 comment · May be fixed by #4704
Labels
component:docs Documentation improvements, including new or updated content component:self-managed Docs and issues related to Camunda Platform 8 Self-Managed support Issues related to support tickets

akeller commented Feb 20, 2024

Add justification/reasoning for privileges

See below for inspiration 👇

The following is a breakdown of Elasticsearch permissions and how they are used by Camunda to perform the necessary Elasticsearch actions:

  • manage_index_templates - when Camunda Operate is booted up/started for the first time, Operate will check if the necessary index templates exist; if not, the index templates will be created. After the startup/initialization phase, this privilege is not required anymore and can be revoked.
  • manage_pipeline - a pipeline privilege is only used when an upgrade is performed for Camunda 8 from version x to y. If you don't need to perform an upgrade, this privilege is not required. It can be granted temporarily while performing an upgrade.
  • monitor - this privilege is required to check the Elasticsearch cluster health. This privilege provides us with read-only cluster operations permissions. We believe it is safe to use from your cluster's perspective, as it will not affect any other tenants of your Elasticsearch cluster. Let us know if you think otherwise.
  • manage_index_templates and manage_ilm - these privileges are only required when Operate starts for the first time, meaning it will create the necessary index templates and ILM policies. You can start Operate for the first time with these two privileges granted. Once completed and the index templates and ILM policies are created, you can stop Operate, remove the privileges, and then start Operate again.
  • manage_index_templates, manage_pipeline, and manage_ilm - these privileges are only needed during an upgrade to a newer version. At the time you want to upgrade your Camunda instance, you can perform the following steps:
    • Stop the Operate component.
    • Grant these privileges.
    • Perform the upgrade.
    • Once the upgrade and migration have been completed, stop Operate and remove the privileges.
    • Start Operate.
  • create_snapshot and monitor_snapshot - only needed to perform backups. If you don't plan to use the backup feature, then these privileges are not needed at all. If you want to perform a backup, you can provide Operate with the privileges before you create a backup and revoke them after the backup has been completed.

All info should be reviewed by @romansmirnov.

From internal Slack channel - https://camunda.slack.com/archives/C06KJPVS5CG

@akeller akeller added component:docs Documentation improvements, including new or updated content component:self-managed Docs and issues related to Camunda Platform 8 Self-Managed labels Feb 20, 2024
@akeller akeller added the support Issues related to support tickets label Feb 20, 2024
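
Added example (not from the issue thread or Camunda's documentation): the phase-by-phase grant-and-revoke approach described in the first comment, expressed as an audit over a role document in the shape of Elasticsearch's get-role response. The phase names, the `operate_role` role, its index pattern and the `manage_slm` entry are constructed for illustration, and keeping `monitor` in every phase is an assumption.

```python
import json

# Cluster privileges per phase, read from the issue comment above.
# Phase names are hypothetical labels; "monitor" in every phase is an assumption.
PHASES = {
    "steady_state": {"monitor"},
    "first_start": {"monitor", "manage_index_templates", "manage_ilm"},
    "upgrade": {"monitor", "manage_index_templates", "manage_pipeline", "manage_ilm"},
    "backup": {"monitor", "create_snapshot", "monitor_snapshot"},
}
KNOWN = set().union(*PHASES.values())


def audit_role(role_doc, phase):
    """Compare each role's cluster privileges with what `phase` needs.

    role_doc uses the shape of Elasticsearch's get-role response:
    {"<role name>": {"cluster": [...], "indices": [...]}}.
    """
    needed = PHASES[phase]
    report = {}
    for name, body in role_doc.items():
        granted = set(body.get("cluster", []))
        report[name] = {
            "revoke": sorted((granted & KNOWN) - needed),
            "missing": sorted(needed - granted),
            # Not covered by the issue (e.g. "all"): needs manual review.
            "unreviewed": sorted(granted - KNOWN),
        }
    return report


def role_for_phase(body, phase):
    """Return a copy of a role body with only the phase's listed privileges,
    keeping unreviewed cluster privileges and every non-cluster field as-is."""
    keep = set(body.get("cluster", [])) - KNOWN
    return {**body, "cluster": sorted(keep | PHASES[phase])}


# Constructed sample: a role left as it was granted for an upgrade.
SAMPLE = json.loads("""
{"operate_role": {"cluster": ["monitor", "manage_index_templates",
                              "manage_pipeline", "manage_ilm", "manage_slm"],
                  "indices": [{"names": ["operate-*"], "privileges": ["all"]}]}}
""")

if __name__ == "__main__":
    print(json.dumps(audit_role(SAMPLE, "steady_state"), indent=2))
    print(json.dumps(role_for_phase(SAMPLE["operate_role"], "backup"), indent=2))
```

The `revoke` list is what is still granted after the phase that needed it has ended; `unreviewed` holds privileges the comment does not discuss, which the audit leaves for a human decision.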

akeller commented May 31, 2024

@conceptualshark this is a beefier topic that came from an incident/support ticket, but it would give you a good topic to introduce yourself to @romansmirnov and discuss priority.

@conceptualshark conceptualshark moved this from 🆕 Inbox to 📋 Backlog in Developer Experience Jun 3, 2024
@conceptualshark conceptualshark self-assigned this Jun 3, 2024
@conceptualshark conceptualshark moved this from 📋 Backlog to 🔖 Ready in Developer Experience Aug 15, 2024
@conceptualshark conceptualshark linked a pull request Dec 3, 2024 that will close this issue
9 tasks
Projects
Status: 👀 In Review
2 participants