Sorry for the late reply!
In principle you would follow the approach outlined in our documentation for custom configuration files https://www.elastic.co/guide/en/cloud-on-k8s/master/k8s-bundles-plugins.html
spec:
nodes: # incomplete config, just to convey the idea!
- config:
xpack.security.authc.realms:
...
ldap.realm1: # adjust to your config of course
...
files.role_mapping: /mnt/config/role-mapping/group_to_role_mapping.yml
podTemplate:
spec:
containers:
- name: elasticsearch
volumeMounts:
- name: role-mapping
mountPath: /mnt/config/role-mapping # just an example, you can chose something that works for you here
volumes:
- name: role-mapping
configMap:
name: role-mappings
This assumes you have created a ConfigMap called role-mappings
containing your group_to_role_mapping.yml
file