
Deprecate using slm privileges to access ilm (#110540)

Currently, read_slm privilege grants access to get the ILM status,
and manage_slm grants access to start/stop ILM. This access will
be removed in the future, but needs to be deprecated before
removal. Add deprecation warning to the read_slm and manage_slm docs.
Parker Timmins 1 year ago
parent
commit
eeedb356fd

+ 16 - 0
docs/changelog/110540.yaml

@@ -0,0 +1,16 @@
+pr: 110540
+summary: Deprecate using slm privileges to access ilm
+area: ILM+SLM
+type: deprecation
+issues: []
+deprecation:
+  title: Deprecate using slm privileges to access ilm
+  area: REST API
+  details: The `read_slm` privilege can get the ILM status, and
+    the `manage_slm` privilege can start and stop ILM. Access to these 
+    APIs should be granted using the `read_ilm` and `manage_ilm` privileges
+    instead. Access to ILM APIs will be removed from SLM privileges in
+    a future major release, and is now deprecated.
+  impact: Users that need access to the ILM status API should now 
+    use the `read_ilm` privilege. Users that need to start and stop ILM, 
+    should use the `manage_ilm` privilege.
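
Review bot: In `impact`, the comma in "Users that need to start and stop ILM, should use" splits the subject from its verb and should be dropped, and three added lines end in trailing whitespace (after "Access to these", "should now" and "ILM,"). Separately, `details` says the access "is now deprecated", but the change as shown touches only documentation, so an operator gets no signal at request time. Consider stating in `impact` how to find affected roles, for example by reviewing role definitions that grant `read_slm` or `manage_slm` without the matching `read_ilm` or `manage_ilm`.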

+ 9 - 1
docs/reference/security/authorization/privileges.asciidoc

@@ -2,7 +2,7 @@
 === Security privileges
 :frontmatter-description: A list of privileges that can be assigned to user roles.
 :frontmatter-tags-products: [elasticsearch]
-:frontmatter-tags-content-type: [reference] 
+:frontmatter-tags-content-type: [reference]
 :frontmatter-tags-user-goals: [secure]
 
 This section lists the privileges that you can assign to a role.
@@ -198,6 +198,10 @@ All {slm} ({slm-init}) actions, including creating and updating policies and
 starting and stopping {slm-init}.
 +
 This privilege is not available in {serverless-full}.
++
+deprecated:[8.15] Also grants the permission to start and stop {Ilm}, using
+the {ref}/ilm-start.html[ILM start] and {ref}/ilm-stop.html[ILM stop] APIs.
+In a future major release, this privilege will not grant any {Ilm} permissions.
 
 `manage_token`::
 All security-related operations on tokens that are generated by the {es} Token
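
Review bot: The deprecation note added under `manage_slm` does not name the replacement privilege. The changelog entry in this same commit tells users to use `manage_ilm`, so the reference page should say so as well, for example by ending the note with "Use the `manage_ilm` privilege instead." Also, the note writes `{Ilm}` mid-sentence ("start and stop {Ilm}") while the surrounding context uses the `{slm-init}` form; if `{Ilm}` is the sentence-initial capitalised attribute it will render capitalised in the middle of the sentence, and `{ilm-init}` would match the neighbouring text.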
@@ -285,6 +289,10 @@ All read-only {slm-init} actions, such as getting policies and checking the
 {slm-init} status.
 +
 This privilege is not available in {serverless-full}.
++
+deprecated:[8.15] Also grants the permission to get the {Ilm} status, using
+the {ref}/ilm-get-status.html[ILM get status API]. In a future major release,
+this privilege will not grant any {Ilm} permissions.
 
 `read_security`::
 All read-only security-related operations, such as getting users, user profiles,
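
Review bot: The note added under `read_slm` should name `read_ilm` as the privilege to use instead, matching the changelog entry in this commit; as written, a reader of the privileges page learns that the access is going away but not what to grant in its place. The link text is also inconsistent with the `manage_slm` note: here "API" is inside the link ("[ILM get status API]"), there it is outside ("[ILM start] and ... [ILM stop] APIs"). Pick one form for both.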