1. Proposed title of this feature request

GCP - Put bootstrap node behind LoadBalancer to protect from the vmExternalIpAccess constraint 

2. What is the nature and description of the request?

Have the bootstrap node be behind a LB so that the customer doesn't need to change the org policy constraints in their GCP org.

3. Why does the customer need this? (List the business requirements here)

The customer uses GCP.  In GCP, the customer has setup "Organization policy constraints"

More info can be found here:

https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints

One of the constraints that the customer has implemented is "compute.vmExternalIpAccess".  This constraint ensures that no VM's will get external IP's.  When checking a running cluster, this policy appears to be fine.  However, the customer hit this constraint and was unable to install a cluster in GCP because the bootstrap node does get an external IP.

4. List any affected packages or components.

The outcome of this ticket would be to have the bootstrap node be behind a loadbalancer so it does not receive the IP, the LB would receive the IP.  This way the constraint can be in place and the customer does not need to implement a work around.