Add Security List Data Stream Resource

[nick-benoit]

Changes inspired by using all security exception adjacent resources together

• Adds simple resource (elasticstack_kibana_security_list_data_streams) to manage lifecycle of create list data streams
• Adds more extensive test coverage for different list types within list type security exception item entries
  • Add tests for all types of security value list exception items including value list updates
  • Add tests for multiple exception items
  • Add tests for multiple entries in exception items of each type
  • Add tests for managing inner nested item entries
• Improve exception item schema validations

Rel: #1332

[Copilot]

Pull request overview

This PR adds a new resource elasticstack_kibana_security_list_data_streams to manage the lifecycle of .lists and .items data streams in Kibana, which are required before using security lists and exceptions that reference value lists. The implementation includes comprehensive test coverage for different list types (ip, keyword, ip_range) within security exception item entries.

Key Changes

• Added new security_list_data_streams resource for managing list data streams lifecycle
• Enhanced test coverage for security exception items with list entry types
• Refactored acceptance tests to use the new resource instead of manual setup functions

Reviewed changes

Copilot reviewed 40 out of 40 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
provider/plugin_framework.go	Registered the new security_list_data_streams resource
internal/kibana/security_list_data_streams/*.go	Implemented CRUD operations for the new resource
internal/kibana/security_list_data_streams/testdata/**/*.tf	Added test configurations for the new resource
internal/kibana/security_list_item/acc_test.go	Removed manual setup function in favor of resource-based approach
internal/kibana/security_list_item/testdata/**/*.tf	Updated test configs to use new data streams resource
internal/kibana/security_list/acc_test.go	Removed manual setup function in favor of resource-based approach
internal/kibana/security_list/testdata/**/*.tf	Updated test configs to use new data streams resource
internal/kibana/security_exception_item/acc_test.go	Enhanced test coverage for list entry types
internal/kibana/security_exception_item/testdata/**/*.tf	Added test configs for ip, keyword, and ip_range list types
internal/kibana/security_exception_item/schema.go	Added validation for list entries and list types
internal/clients/kibana_oapi/security_lists.go	Enhanced API functions with proper return values
examples/resources/elasticstack_kibana_security_list_data_streams/resource.tf	Added example usage
docs/resources/elasticsearch_security_user.md	Updated documentation formatting

[Copilot]

Pull request overview

Copilot reviewed 40 out of 40 changed files in this pull request and generated 3 comments.

[tobio]

Couple of small comments

[tobio]

Suggested change

	if !listIndex || !listItemIndex {
	if !listIndex && !listItemIndex {

Should we only completely remove it if they're both missing?

[nick-benoit]

I think we may want OR. If only one of them is false I don't think we would ever call the create API which I think is how we would get back to the desired end state.

[tobio]

So another approach would be to have list_index and list_item_index set to true during planning (IIRC a default would work, otherwise via a plan modifier), which would then trigger an update if either of them were false in state. Which might be more informative for users, or give us more flexibility in the future.

I'm not fussed though, this approach works and we can adjust it if required.