Unauthorized route migration for routes owned by search-kibana (elastic#214786)

### Authz API migration for unauthorized routes

This PR migrates last unauthorized routes owned by your team to a new
security configuration.
Please refer to the documentation for more information: [Authorization
API](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)

### **Before migration:**
```ts
router.get({
  path: '/api/path',
  ...
}, handler);
```

### **After migration:**
```ts
router.get({
  path: '/api/path',
  security: {
    authz: {
      enabled: false,
      reason: 'This route is opted out from authorization because ...',
    },
  },
  ...
}, handler);
```

Author: elena-shostak

x-pack/solutions/search/packages/kbn-search-api-keys-server/src/routes/routes.ts

@@ -20,6 +20,12 @@ export function registerSearchApiKeysRoutes(router: IRouter, logger: Logger) {
   router.post(
     {
       path: APIRoutes.API_KEY_VALIDITY,
+      security: {
+        authz: {
+          enabled: false,
+          reason: 'This route delegates authorization to the scoped ES client',
+        },
+      },
       validate: {
         body: schema.object({
           id: schema.string(),
@@ -60,6 +66,12 @@ export function registerSearchApiKeysRoutes(router: IRouter, logger: Logger) {
   router.post(
     {
       path: APIRoutes.API_KEYS,
+      security: {
+        authz: {
+          enabled: false,
+          reason: 'This route delegates authorization to the scoped ES client',
+        },
+      },
       validate: {},
       options: {
         access: 'internal',

x-pack/solutions/search/plugins/search_inference_endpoints/server/routes.ts

@@ -18,6 +18,12 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
   router.get(
     {
       path: APIRoutes.GET_INFERENCE_ENDPOINTS,
+      security: {
+        authz: {
+          enabled: false,
+          reason: 'This route delegates authorization to the scoped ES client',
+        },
+      },
       validate: {},
     },
     errorHandler(logger)(async (context, request, response) => {
@@ -39,6 +45,12 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
   router.delete(
     {
       path: APIRoutes.INFERENCE_ENDPOINT,
+      security: {
+        authz: {
+          enabled: false,
+          reason: 'This route delegates authorization to the scoped ES client',
+        },
+      },
       validate: {
         params: schema.object({
           type: schema.string(),

x-pack/solutions/search/plugins/search_notebooks/server/routes/index.ts

@@ -16,6 +16,12 @@ export function defineRoutes({ config, notebooksCache, logger, router }: RouteDe
   router.get(
     {
       path: '/internal/search_notebooks/notebooks',
+      security: {
+        authz: {
+          enabled: false,
+          reason: 'This route delegates authorization to the notebook service',
+        },
+      },
       validate: {
         query: schema.object({
           list: schema.maybe(schema.string()),
@@ -44,6 +50,12 @@ export function defineRoutes({ config, notebooksCache, logger, router }: RouteDe
   router.get(
     {
       path: '/internal/search_notebooks/notebooks/{notebookId}',
+      security: {
+        authz: {
+          enabled: false,
+          reason: 'This route delegates authorization to the notebook service',
+        },
+      },
       validate: {
         params: schema.object({
           notebookId: schema.string(),