The kibana yaml setting you are likely looking for is xpack.security.sameSiteCookies
, more details hele.
I've just added it to my Elastic Cloud deployment
And I could deploy a minimal TypeScript React application that shows an iframe of a public dashboard I have at https://ela.st/cumbre-vieja-eruption on this location: https://ihbdnn.csb.app/
Mind that of course one thing is allowing your iframe to load and another for Kibana to display stuff for anonymous users, skip the login screen and so on. The whole Anonymous authentication section in the Kibana docs provides comprehensive details on how this works.