Minimum grants required for application user to manipulate indices data

Hi

Elastic 7.11.1

When enable-ing security on my elastic cluster. Then applications that access data, need to have an user for these operations.
My question is, what would be the minimum roles/grants that need to be assigned to the application user to achieve the following:

  1. Read and write data from and to the indices
  2. Read and write data from and to the indices through aliases
  3. Use certain ingest pipelines
  4. Create indices and pipelines (*)

I would like to know separate grants for each of these points (nr 4 would be nice to know, but application does not eed to create these, these can be created with admin user).

Raul