[CI] IndicesAndAliasesResolverTests testDataStreamNotAuthorizedWhenBackingIndicesAreAuthorizedViaNameAndRequestThatExcludesDataStreams failing

[elasticsearchmachine]

Build Scans:

• elasticsearch-periodic #5805 / release-tests
• elasticsearch-periodic #5800 / release-tests
• elasticsearch-periodic #5795 / release-tests

Reproduction Line:

./gradlew ":x-pack:plugin:security:test" --tests "org.elasticsearch.xpack.security.authz.IndicesAndAliasesResolverTests.testDataStreamNotAuthorizedWhenBackingIndicesAreAuthorizedViaNameAndRequestThatIncludesDataStreams" -Dtests.seed=7024DA3D17F912D7 -Dbuild.snapshot=false -Dtests.jvm.argline="-Dbuild.snapshot=false" -Dlicense.key=x-pack/license-tools/src/test/resources/public.key -Dtests.locale=xh-ZA -Dtests.timezone=America/Chihuahua -Druntime.java=23

Applicable branches:
8.x

Reproduces locally?:
N/A

Failure History:
See dashboard

Failure Message:

java.lang.AssertionError: 
Expected: a collection containing ".fs-logs-foobar-2025.01.11-000001"
     but: mismatches were: [was ".ds-logs-foobar-2025.01.11-000001"]

Issue Reasons:

• [8.x] 3 consecutive failures in step release-tests
• [8.x] 3 failures in test testDataStreamNotAuthorizedWhenBackingIndicesAreAuthorizedViaNameAndRequestThatExcludesDataStreams (2.6% fail rate in 114 executions)
• [8.x] 3 failures in step release-tests (75.0% fail rate in 4 executions)
• [8.x] 3 failures in pipeline elasticsearch-periodic (75.0% fail rate in 4 executions)

Note:
This issue was created using new test triage automation. Please report issues or feedback to es-delivery.

[elasticsearchmachine]

Pinging @elastic/es-security (Team:Security)

[jbaiera]

This should be fixed with #119934