This question has been asked on the AWS forums and the answer was to set up a default vhost that handles traffic on the bare IP address and doesn't do any redirects. This will mean that normal users who hit your IP address will not be redirected either.
You could alternatively specify the path part of the URL that you want the ELB to request and ignore that path by adding another RewriteCond:
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteCond %{REQUEST_URI} !^/health-check$
RewriteRule ^ http://www.example.com/$1 [R=301,L]
Normal users who hit that URL will not be redirected.
You could also use the same technique to detect the User-Agent of the ELB.
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteCond %{HTTP_USER_AGENT} !^ELB-HealthChecker
RewriteRule ^ http://www.example.com/$1 [R=301,L]
Normal users who spoof their User-Agent will not be redirected.
Or the internal IP address of the ELB.
RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC]
RewriteCond %{REMOTE_ADDR} !^10\.
RewriteRule ^ http://www.example.com/$1 [R=301,L]
For this option to work, you will require either mod_rpaf
(for Apache 2.2) or mod_remoteip
(for Apache 2.4) to modify the REMOTE_ADDR
variable to contain the correct part of the contents of the X-Forwarded-For
header. As long as you set that up correctly, it shouldn't be possible for a normal user to avoid the redirect response.