Add options to control EKS Public Endpoint
Problem
Currently, Dedicated is using public subnets and endpoints for the networking architecture. (Internal only - link here: https://gitlab.com/gitlab-com/gl-infra/gitlab-dedicated/team/-/blob/main/architecture/Network.md#option-a-public-instances-and-public-eks-endpoint)
We would like to be able to implement "Option C" (internal only - link here: https://gitlab.com/gitlab-com/gl-infra/gitlab-dedicated/team/-/blob/main/architecture/Network.md#option-c-private-instances-and-private-eks-endpoint). This is networking with all instances and EKS nodes within private subnets.
Shifting from public to private subnets will improve the security posture of the service.
Request
Examine what changes, if any, in GET would need to made to support "Option C".
- Is this already supported today, and Dedicated simply isn't using it?
- If not, what do we need to do to implement this option and allow customers to migrate to it?
Edited by Grant Young