I am using ECK operator. I have own helm chart where I have specified Elasticsearch kind manifest yaml. Sry for the inaccurate description.
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
...
I can confirm that turning off /on of security using xpack.security.enabled works (except in this case 
). Although I found in ECK operator logs this line:
{"log.level":"info","@timestamp":"2022-08-24T11:31:19.255Z","log.logger":"elasticsearch-controller","message":"Elasticsearch manifest has warnings. Proceed at your own risk. [spec.nodeSets[0].config.cluster.name: Forbidden: Configuration setting is reserved for internal use. User-configured use is unsupported, spec.nodeSets[0].config.network.host: Forbidden: Configuration setting is reserved for internal use. User-configured use is unsupported, spec.nodeSets[0].config.xpack.security.enabled: Forbidden: Configuration setting is reserved for internal use. User-configured use is unsupported]"...
I continued with this setting because I found this comment ECK - Xpack settings - Forbidden: Configuration setting is reserved for internal use - #4 by michael.morello.
Oukej , I will try the anonymous access.