How to bootstrap a cluster to enable security plugin in production

what is the difference between opendistro_security.allow_default_init_securityindex and securityadmin.sh?

In production, if I configured certs and internal_users, roles, etc correctly, can I use opendistro_security.allow_default_init_securityindex: true to bootstrap the cluster?
Or do I have to run securityadmin.sh at least once to bootstrap?

I am trying to find what does opendistro_security.allow_default_init_securityindex do from the doc, but I can not find. can someone help explain?

Thanks