DLM is not granted permission to manage restricted indices, but it does not know this #139158

@masseyke

Description

This is related to #139156. DLM is only granted permission to manage restricted indices that are in a whitelist. However, DLM does not know this. It attempts to perform lifecycle management on all data streams that have a lifecycle. If a new restricted data stream gets added somehow, we wind up with indices showing as yellow in the health report, with root cause messages like:

"{\"type\":\"security_exception\",\"reason\":\"action [indices:admin/rollover] is unauthorized for user [_data_stream_lifecycle] with effective roles [_data_stream_lifecycle] on restricted indices [.workflows-execution-data-stream-logs], this action is granted by the index privileges [manage,all]\"}"

There are a few ways we might handle this:

  • Add an assertion that DLM does not run on any restricted data stream not in the whitelist, so that we detect this at test time.
  • Give DLM privileges on all data streams
  • Have DLM detect this (either before attempting rollover, or catching the exception), and not log an error
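The health-report message quoted above is a JSON string that itself contains a JSON object, so an operator triaging yellow indices has to decode it twice before the fields are usable. The following is an added example (not Elasticsearch code, and not what the third option above would look like inside DLM) that parses such root-cause strings, pulls out the denied action, the user, the restricted indices and the privileges that would have granted it, and flags the case this issue describes: the `_data_stream_lifecycle` user denied on a restricted index that is not in the allowlist. The allowlist `DLM_RESTRICTED_ALLOWLIST`, the second sample error, and the rule that "restricted" means dot-prefixed are assumptions made for the example; the real list and definition live in Elasticsearch's role configuration.

```python
import json
import re

# Constructed samples: the first is the root-cause string quoted in this issue, exactly as
# the health report renders it (a JSON string wrapping a JSON object); the second is an
# unrelated error added to show that the filter ignores it.
SAMPLE_ROOT_CAUSES = [
    r'"{\"type\":\"security_exception\",\"reason\":\"action [indices:admin/rollover] is unauthorized for user [_data_stream_lifecycle] with effective roles [_data_stream_lifecycle] on restricted indices [.workflows-execution-data-stream-logs], this action is granted by the index privileges [manage,all]\"}"',
    r'{"type":"illegal_argument_exception","reason":"index [logs-app-default] already exists"}',
]

# Hypothetical allowlist of restricted data streams DLM may manage (assumption for this
# example; the real list is defined in Elasticsearch's role for _data_stream_lifecycle).
DLM_RESTRICTED_ALLOWLIST = frozenset({".example-allowed-stream"})

DLM_USER = "_data_stream_lifecycle"

# Matches the reason text of the security_exception shown in the issue.
UNAUTHORIZED_RE = re.compile(
    r"action \[(?P<action>[^\]]+)\] is unauthorized for user \[(?P<user>[^\]]+)\]"
    r".*? on restricted indices \[(?P<indices>[^\]]*)\]"
    r"(?:, this action is granted by the index privileges \[(?P<privileges>[^\]]*)\])?"
)


def decode_root_cause(raw):
    """Decode a root-cause string, unwrapping the double JSON encoding when present.

    Returns the decoded dict, or None when the text is not JSON or not an object."""
    try:
        doc = json.loads(raw)
        if isinstance(doc, str):  # outer layer was a JSON string; decode the inner object
            doc = json.loads(doc)
    except json.JSONDecodeError:
        return None
    return doc if isinstance(doc, dict) else None


def _split_list(field):
    return [item.strip() for item in field.split(",") if item.strip()] if field else []


def parse_root_cause(raw):
    """Return structured fields for a restricted-index security_exception, else None."""
    doc = decode_root_cause(raw)
    if doc is None or doc.get("type") != "security_exception":
        return None
    match = UNAUTHORIZED_RE.search(doc.get("reason", ""))
    if not match:
        return None
    return {
        "action": match.group("action"),
        "user": match.group("user"),
        "indices": _split_list(match.group("indices")),
        "privileges": _split_list(match.group("privileges")),
    }


def is_restricted(index_name):
    # Simplification used by this example: treat dot-prefixed names as restricted.
    return index_name.startswith(".")


def classify(raw, allowlist=DLM_RESTRICTED_ALLOWLIST):
    """Classify one root cause.

    'dlm-restricted-not-allowlisted' is the situation this issue describes: DLM tried to
    act on a restricted index its role does not cover. 'dlm-unexpected-denial' means DLM
    was denied on an index the allowlist says it should be able to manage, which points at
    a role or allowlist mismatch rather than at DLM wandering outside its remit."""
    parsed = parse_root_cause(raw)
    if parsed is None:
        return "other"
    if parsed["user"] != DLM_USER:
        return "other-security"
    outside = [i for i in parsed["indices"] if is_restricted(i) and i not in allowlist]
    return "dlm-restricted-not-allowlisted" if outside else "dlm-unexpected-denial"


def triage(root_causes, allowlist=DLM_RESTRICTED_ALLOWLIST):
    """Map each root-cause string to its classification."""
    return {raw: classify(raw, allowlist) for raw in root_causes}


if __name__ == "__main__":
    for raw, label in triage(SAMPLE_ROOT_CAUSES).items():
        print(label, "<-", raw[:80])
```

Feeding the same string with the index added to the allowlist changes the verdict to `dlm-unexpected-denial`, which is the distinction an operator needs: the first label is noise that option three above would silence, the second is a real misconfiguration worth a ticket.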
