There are numerous resources with public IPs created in CDM release/6.5.2.
How can they be deployed with private IPs?
I can certainly slog through this process, but hoping there is something a little more turn key?
There is also code that leave 3 ports open to 0.0.0.0/0 in:
Tried changing to my public IP, but this is a breaking change in eks-mount-efs.sh
(Can’t detect the public IPs anymore)
It may be part of the answer in that we can limit access.
But I would think the cluster and worker node don’t need public IPs.
At least AWS agrees with this assessment at least generically for the EKS service.
Not sure about compatibility with CDM.
I am testing this additional controller.service parameter.