Backport of Add additional endpoints, remove non-protected endpoints into release/1.13.x

[hc-github-team-secure-vault-core]

Backport

This PR is auto-generated from #20669 to be assessed for backporting due to the inclusion of the label backport/1.13.x.

🚨

Warning automatic cherry-pick of commits failed. If the first commit failed,
you will see a blank no-op commit below. If at least one commit succeeded, you
will see the cherry-picked commits up to, not including, the commit where
the merge conflict occurred.

The person who merged in the original PR is:
@jonathanfrappier
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.

merge conflict error: POST https://api.github.com/repos/hashicorp/vault/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.

---

🎟️ Jira ticket

🔍 Deploy preview

Description

• sys/auth/:path/tune is listed
  sys/auth/:path/tune | GET, POST, DELETE | Manage the auth methods (enable, read, delete, and tune)
• Removed - auth/token/create-orphan is not a root-protected endpoint.
• Added missing / - There is a slash missing from sys/config/auditing/request-headers:name
• Added - sys/config-ui is not a valid endpoint. This should be sys/config/ui/headers
• Added - sys/config/ui/headers/:name
• Removed - sys/internal/specs/openapi is not root protected!
• Removed - sys/step-down is listed as root protected but is not
• Added - sys/remount is root protected but missing from the table
• Added - sys/storage/raft/snapshot-auto/config
• Added - /sys/storage/raft/snapshot-auto/config/:name
• Spot checked several verbs, including sys/raw which was pointed out as an example of being incorrect, but according to our documentation is correct in the table.

Update:

• Added - sys/internal/inspect/router/
• Already in table specific to endpoints requiring sudo - sys/leases
• Opted to leave out since deprecated - sys/revoke-force/:prefix and sys/revoke-prefix/:prefix
• Already in table - beyond scope of this specific doc for further explanation - auth/token/create

---

Overview of commits

• c6970cd

[hashicorp-cla]

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes

---

1 out of 2 committers have signed the CLA.

• yhyakuna
• temp

---

temp seems not to be a GitHub user.
You need a GitHub account to be able to sign the CLA. If you already have a GitHub account, please add the email address used for this commit to your account.

_{Have you signed the CLA already but the status is still pending? Recheck it.}

[yhyakuna]

Closing this and track this with #20765