  1. AMQ Streams Flink
  2. ENTMQSTFL-53

Investigation: How to secure a FlinkDeployment cluster


    • Type: Task
    • Resolution: Unresolved
    • Priority: Major
    • 3.1.0.TP
    • 3.1.0.TP
    • None

      Investigate the steps a Flink admin should take when creating a FlinkDeployment CR to secure the resulting Flink cluster.

      Multiple options we can investigate:

      • Enabling mTLS-based communication between the internal Flink components. Documentation for that is available upstream and examples exist in the Flink Kubernetes Operator repo.
      • Prevent access from outside the Kubernetes cluster. The upstream documentation discusses external access security. The REST endpoint can be configured to use mTLS authentication, but they recommend a reverse proxy setup for production setups. We should investigate what would be a supportable setup using RH components.
      • Only allow access from pods that are part of a FlinkSessionJob CR. If we secure the internal and external communication points discussed above, how do we configure session jobs and the interactive CLI to talk to session clusters?

      To mark this task as complete we should write up the steps we would advise a user to take. These steps can then be used in documentation and examples in the flink-sql repo examples folder and on the streamshub site.
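
      As an illustration of the first option only (internal mTLS), here is a sketch of a FlinkDeployment CR that turns on Flink's `security.ssl.internal.*` settings and mounts the key material from a Secret. This is an added example, not taken from this ticket or from the project; the resource names, image tag, Flink version, mount path, Secret name and passwords are assumptions or placeholders, and the REST endpoint is left unchanged.

```yaml
# Added example: internal mTLS for a FlinkDeployment. Not the project's own manifest.
apiVersion: flink.apache.org/v1beta1
kind: FlinkDeployment
metadata:
  name: secured-session              # hypothetical name
spec:
  image: flink:1.19                  # assumed image tag
  flinkVersion: v1_19                # assumed version, must match the image
  serviceAccount: flink              # assumed service account
  flinkConfiguration:
    # Internal connections (RPC, blob service, data plane) use mutual TLS
    # once this is enabled: both sides present a certificate.
    security.ssl.internal.enabled: "true"
    # Flink's docs suggest a dedicated certificate for internal traffic;
    # the keystore and truststore may then hold the same certificate.
    security.ssl.internal.keystore: /opt/flink/tls/keystore.jks
    security.ssl.internal.truststore: /opt/flink/tls/truststore.jks
    # Placeholders. These values sit in plain text in the CR, so read
    # access to FlinkDeployment objects in the namespace must be restricted.
    security.ssl.internal.keystore-password: CHANGE_ME
    security.ssl.internal.key-password: CHANGE_ME
    security.ssl.internal.truststore-password: CHANGE_ME
  podTemplate:
    spec:
      containers:
        - name: flink-main-container   # container name the operator merges into
          volumeMounts:
            - name: flink-tls
              mountPath: /opt/flink/tls
              readOnly: true
      volumes:
        - name: flink-tls
          secret:
            secretName: flink-internal-tls   # hypothetical Secret with the JKS files
  jobManager:
    resource:
      memory: "2048m"
      cpu: 1
  taskManager:
    resource:
      memory: "2048m"
      cpu: 1
```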

              rh-ee-pplaczek Peter Placzek (Inactive)
              kstanley@redhat.com Kate Stanley