[DOC] Security Plugin Whitelist/Allowlist Settings and the APIs Are Not Documented

[cliu123]

What do you want to do?

• [x] Add new documentation

Tell us about your request. Provide a summary of the request and all versions that are affected. The Whitelist setting and APIs in security plugin are not documented. This setting has been existing since OpenSearch 1.0. Allowlist setting was introduced in OpenSearch 2.1 as an alternative to the deprecated Whitelist settings and APIs. Whitelist settings and APIs are planned to be removed in OpenSearch 3.0.0 release as a breaking change.

What other resources are available? Provide links to related issues, POCs, steps for testing, etc. Whitelist setting: https://github.com/opensearch-project/security/blob/main/config/whitelist.yml Whitelist API:: https://github.com/opensearch-project/security/blob/main/src/main/java/org/opensearch/security/dlic/rest/api/WhitelistApiAction.java#L76 Allowlist setting: https://github.com/opensearch-project/security/blob/main/config/allowlist.yml Allowlist APIs: https://github.com/opensearch-project/security/blob/main/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java#L85

[AntonEliatra]

@hdhalter This seems to already be covered in https://opensearch.org/docs/latest/security/configuration/yaml/#allowlistyml