diff --git a/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java b/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
index cc659bca..e7d955d0 100644
--- a/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
+++ b/src/main/java/ddingdong/ddingdongBE/common/config/SecurityConfig.java
@@ -39,7 +39,7 @@ public SecurityFilterChain filterChain(HttpSecurity http, JwtAuthService authSer
                 .permitAll()
                 .requestMatchers(API_PREFIX + "/admin/**").hasRole("ADMIN")
                 .requestMatchers(API_PREFIX + "/club/**").hasRole("CLUB")
-                .requestMatchers(actuatorPath + "/**").hasRole("ADMIN")
+                .requestMatchers(actuatorPath + "/**").permitAll()
                 .requestMatchers(GET,
                     API_PREFIX + "/clubs/**",
                     API_PREFIX + "/notices/**",
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
index ec3e9f66..62114c52 100644
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -47,9 +47,10 @@ server:
 
 management:
   endpoints:
+    enabled-by-default: false
     web:
       exposure:
-        include: info, health, prometheus
+        include: info, health
       base-path: ${ACTUATOR_BASE_PATH}
     jmx:
       exposure: