Always document security-related configurations, permissions, and behaviors explicitly and comprehensively. When documenting security features:
For example, when documenting an API that interacts with protected resources:
IMPORTANT: This action requires specific permissions. In {es} 8.1 and later, the superuser
role doesn't have write access to system indices. If you execute this request as a
user with the superuser role, you must have an additional role with the
`allow_restricted_indices` privilege set to `true` to delete system indices.
For configuration documentation:
NOTE: Transport profiles do not inherit TLS/SSL settings from the default transport.
The `xpack.security.transport.ssl.enabled` setting is an exception that controls
SSL for both default transport and any transport profiles.
Clear and complete security documentation prevents misconfigurations that could lead to vulnerabilities or access issues.
Enter the URL of a public GitHub repository