We have Elasticsearch behind a load balancer that only supports HTTP GET health checks.
Security is enabled
Are there any existing (7.3.0+) API/paths that will respond to an unauthenticated HTTP GET request (while security is enabled)?
Currently we use the anonymous role to grant access to the base path i.e.
but some people get nervous when there is talk of anonymous anything, so we were considering removing said anonymous access.
We like our current load balancer, so don't want to switch LBs just for TCP health checks. Adding TCP health checks is an open feature request with the current LB.
If there isn't an existing API/path should there be? That is, should this be a feature request?