Jake Landis

It is splitting hair's but I have updated the issue to be a bug not an enhancement since the HTTP clients should be able to be configured via Elasticsearch settings....

I found that if I explicitly set `xpack.security.enabled: true` and bind mount a keystore that has a `bootstrap.password` set, then bind mounting the elasticsearch.yml works fine. I haven't dug into...

I haven't tested, but I am pretty sure that the the .bash* environment entries are only sourced upon login and is not read by our service (hence the need for...

@elasticsearchmachine update branch

@elasticmachine update branch

I wonder if the fix in transport bulk action should be conditionally forking based on current thread (i.e don't fork if currently executing in the system_critical_write) with the expectation that...

> for example, if Fleet writes to its system indices with a REST call to the bulk endpoint Why would Fleet (or any other external client) write to system indices...

> we still need to address BWC concern when sending remote cluster permissions to a RCS 2.0 cluster on an older version. Good catch. I have updated the code to...

> Do we want to track the usage of roles with remote_cluster privileges like we do for remote_indices ([here](https://github.com/elastic/elasticsearch/blob/fd6c2677953228d909ca05833e03405686298d3f/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStore.java#L393-L396) and [here](https://github.com/elastic/elasticsearch/blob/fd6c2677953228d909ca05833e03405686298d3f/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/FileRolesStore.java#L156))? Indeed. I already got the filestore, but missed the...

all 👍 code review nits included in https://github.com/elastic/elasticsearch/pull/107493/commits/9b7ab458a08b8bd682ae49bce15133e11a40cc92