Refactor internal AWS Security Group setup to be membership based

What does this MR do?

Follow up from !871 (merged) !873 (merged) !880 (merged) !881 (merged)

With Launch Templates now enabled by default we can finally configure EKS Nodes to be members of a security group.

That allows us to move forward with our previous plan to make internal connections SG membership based instead of defining wider CIDR blocks for a more best practice secure networking setup.

MR also allows for the specific scenario to pass in custom SGs for GitLab Rails (Omnibus) for custom external load balancer ingress.

Related issues

Closes #569 (closed)

Author's checklist

When ready for review, the Author applies the workflowready for review label and mention @gl-quality/get-maintainers:

• Merge request:
  • Corresponding Issue raised and reviewed by the GET maintainers team.
  • Merge Request Title and Description are up-to-date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline
  • MR has no new security alerts in the widget from the Secret Detection and IaC Scan (SAST) jobs.
• Code:
  • Check the area changed works as expected. Consider testing it in different environment sizes (1k,3k,10k,etc.).
  • Documentation created/updated in the same MR.
  • If this MR adds an optional configuration - check that all permutations continue to work.
  • For Terraform changes: set up a previous version environment, then run a terraform plan with your new changes and ensure nothing will be destroyed. If anything will be destroyed and this can't be avoided please add a comment to the current MR.
• Create any follow-up issue(s) to support the new feature across other supported cloud providers or advanced configurations. Create 1 issue for each provider/configuration. Contact the Quality Enablement team if unsure.