mTLS only setup for Elasticsearch

Is it possible to only use mTLS i.e. only authentication via PKI realm. I almost have the cluster working (using open source helm charts and 7.1.7 images). One issue I have is the pod readiness doesn't succeed as the _cluster/health endpoint is not accessible anonymously and readiness_probe script is not making use of TLS certs, I couldn't find it can even be configured to use tls certs and keys while making the request.
I then thought may be if I put the anonymouse user to monitoring_user role it should work. So I added below config
xpack.security.authc.anonymous.roles: monitoring_user
Hoping now to see /_cluster/health endpoint to work anonymously but it still doesn't allow.

Is there a way to make the readiness probe to work with mTLS pki realm only?