
[FEATURE] Make cluster settings equivalents of config.dynamic.http.* and config.dynamic.kibana.* #6014

@cwperks


Is your feature request related to a problem?

I'm filing this issue because I think cluster settings are a better place for dynamic configurations than the security index. This request would not be targeted for list settings like config.dynamic.authc... which contains the list of configured authenticators.

Primarily, the advantages of cluster settings over the security index are:

  1. BWC - In a mixed cluster, if you add a setting available in the later minor version that doesn't exist in the prior minor version, then the old nodes can error
  2. Single API - Cluster admins must remember to call the Cluster Settings API vs. the Security Config API
    a. Related to this would be finer-grained controls on settings APIs as proposed in [RFC] Fine grained settings permissions #5219
  3. Simpler to implement a new setting than add to the security config

In the event where both a cluster setting and securityconfig are defined, I would opt for the cluster setting to win.

For naming, I suggest using the prefixes:

  • plugins.security.http.*
  • plugins.security.dashboards - Let's use this opportunity to remove references to kibana

What solution would you like?

Cluster settings analogs to some of the settings currently defined in the securityconfig of the security index.

What alternatives have you considered?

Status quo

Labels: enhancement (New feature or request), triaged (Issues labeled as 'Triaged' have been reviewed and are deemed actionable.)
