If your cluster has {es} {security-features} enabled, the restore API requires the `manage` cluster privilege. There is no bespoke role for the restore process. This privilege is very permissive and should only
be granted to users in the "administrator" category. Specifically, it allows
malicious users to exfiltrate data to a location of their choosing. Automated
tools should not run as users with this privilege.