We want to restrict SSH access (port 22) to the cluster VMs. SSH access to the cluster VMs should only be allowed from the two LBs instead of allowing SSH access to all nodes from anywhere.
Acceptance criteria
SSH access to cluster VMs only allowed from LBs
Commodore component updated to use latest version of the Terraform module
Rolled out for all clusters managed with the Terraform module (shouldn't need maintenance, since the security group rules are managed individually)
Summary
We want to restrict SSH access (port 22) to the cluster VMs. SSH access to the cluster VMs should only be allowed from the two LBs instead of allowing SSH access to all nodes from anywhere.
Acceptance criteria
Implementation ideas