Running securityAdmin.sh with -backup option is resulting in errors

We have a use case to take backup of .opendistro_security index and are using below command to take backup of security index:
sh securityadmin.sh -backup /opensearch-backup/.securityconfig
This was working fine with OpenSearch v1.3.2. However, when we moved to OpenSearch v2.1.0 it is failing with below error:

securityadmin started
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin"
OpenSearch Version: 2.1.0
Contacting opensearch cluster 'testos' and wait for YELLOW clusterstate ...
Clustername: testos
Clusterstate: GREEN
Number of nodes: 4
Number of data nodes: 2
.opendistro_security index already exists, so we do not need to create one.
Legacy index '.opendistro_security' (ES 6) detected (or forced). You should migrate the configuration!
Will retrieve '/config' into /opensearch-backup/.securityconfig/config.yml (legacy mode)
ERR: Seems config from cluster is not in legacy format: java.io.IOException: A version of 1 can not have a _meta key for CONFIG
Will retrieve '/roles' into /opensearch-backup/.securityconfig/roles.yml (legacy mode)
ERR: Seems roles from cluster is not in legacy format: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "index_permissions" (class org.opensearch.security.securityconf.impl.v6.RoleV6), not marked as ignorable (5 known properties: "tenants", "readonly", "indices", "hidden", "cluster"])
 at [Source: (String)"{"_meta":{"type":"roles","config_version":2},"kibana_read_only":{"reserved":false},"security_rest_api_access":{"reserved":false},"kibana_multitenancy_user":{"reserved":false,"hidden":false,"index_permissions":[{"index_patterns":[".kibana_*"],"allowed_actions":["manage","read","delete","index"]}],"tenant_permissions":[{"tenant_patterns":["global_tenant"],"allowed_actions":["kibana_all_write"]}]}}"; line: 1, column: 211] (through reference chain: org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration["kibana_multitenancy_user"]->org.opensearch.security.securityconf.impl.v6.RoleV6["index_permissions"])
Will retrieve '/rolesmapping' into /opensearch-backup/.securityconfig/roles_mapping.yml (legacy mode)
ERR: Seems rolesmapping from cluster is not in legacy format: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "backend_roles" (class org.opensearch.security.securityconf.impl.v6.RoleMappingsV6), not marked as ignorable (6 known properties: "and_backendroles", "readonly", "users", "backendroles", "hidden", "hosts"])
 at [Source: (String)"{"_meta":{"type":"rolesmapping","config_version":2},"all_access":{"reserved":false,"hidden":false,"backend_roles":["admin"],"description":"Migrated from v6"},"own_index":{"reserved":false,"hidden":false,"users":["*"]},"kibana_user":{"reserved":false,"backend_roles":["kibanauser"],"description":"Maps kibanauser to kibana_user role"},"readall":{"reserved":false,"backend_roles":["readall"]},"kibana_server":{"reserved":false,"users":["kibanaserver"]},"kibana_multitenancy_user":{"reserved":"false","h"[truncated 30 chars]; line: 1, column: 116] (through reference chain: org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration["all_access"]->org.opensearch.security.securityconf.impl.v6.RoleMappingsV6["backend_roles"])
Will retrieve '/internalusers' into /opensearch-backup/.securityconfig/internal_users.yml (legacy mode)
ERR: Seems internalusers from cluster is not in legacy format: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "backend_roles" (class org.opensearch.security.securityconf.impl.v6.InternalUserV6), not marked as ignorable (7 known properties: "readonly", "username", "attributes", "hidden", "password", "roles", "hash"])
 at [Source: (String)"{"_meta":{"type":"internalusers","config_version":2},"admin":{"reserved":false,"hidden":false,"hash":"$2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG","backend_roles":["admin"]},"kibanaserver":{"reserved":false,"hash":"$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H."}}"; line: 1, column: 182] (through reference chain: org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration["admin"]->org.opensearch.security.securityconf.impl.v6.InternalUserV6["backend_roles"])
Will retrieve '/actiongroups' into /opensearch-backup/.securityconfig/action_groups.yml (legacy mode)
ERR: Seems actiongroups from cluster is not in legacy format: java.io.IOException: A version of 1 can not have a _meta key for ACTIONGROUPS
Will retrieve '/nodesdn' into /opensearch-backup/.securityconfig/nodes_dn.yml (legacy mode)
ERR: Seems nodesdn from cluster is not in legacy format: java.io.IOException: A version of 1 can not have a _meta key for NODESDN
Will retrieve '/whitelist' into /opensearch-backup/.securityconfig/whitelist.yml (legacy mode)
ERR: Seems whitelist from cluster is not in legacy format: java.io.IOException: A version of 1 can not have a _meta key for WHITELIST
Will retrieve '/audit' into /opensearch-backup/.securityconfig/audit.yml (legacy mode)
ERR: Seems audit from cluster is not in legacy format: java.io.IOException: A version of 1 can not have a _meta key for AUDIT
securityadmin ended

I have checked the format of config files in both the version 1.3.2.0 and 2.1.0.0, it looks the same.
Can you please suggest a way to resolve this and also check and share why is this error observed?

@Pratiksha This bug has already been reported to the OpenSearch dev team.

Currently, there is no fix. However, REST API GET calls can retrieve the current config.

Has this been fixed in 2.2.0? I don’t fix mentioned in the release notes. If not, is there any plan to fix it? The roadmap has no mention of it.

@pablo yes the REST API can get the config, however the docs says that this option is not supported! (plugins.security.unsupported.restapi.allow_securityconfig_modification)

@asfoorial plugins.security.unsupported.restapi.allow_securityconfig_modificationregards config modification i.e. PUT, POST, PATCH and not GET. You don’t need this option to use GET REST API.