Bastion jump host

Question

Opened this issue 2 years ago · 0 comments

Is your feature request related to a problem? Please describe.

I don't want the k8s api endpoint exposed on the nodes as this opens a massive attack surface.

Describe the solution you'd like

A small EC2 instance running in the same VPC (potentially an autoscaling group to ensure one always exists).
NLB targeting instance for ssh access
K8s config setup