- Feature Request
- Resolution: Done
- Critical
In the month of August 2023, AWS introduced the feature to use a security group with NLB to configure fine-grained control over the traffic that flows to and from AWS resources such as Amazon Elastic Compute Cloud instances.
Currently, in the OCP 4 cluster, when we create any ingresscontroller or NLB type SVC, an inbound rule gets created in the master and worker SG allowing traffic from the NLB. I am sure the customers are interested and will be reaching out for this feature very soon.
Even just yesterday, I was on a call with the customer where we worked around an issue related to Security Group for NLB. I really felt that if we have this feature, then we can avoid issues related to the SG ingress rule limit whenever customers create LB type SVC, and concerns related to the wide-open inbound rule allowing traffic from the LB to instances, where customers can use their custom SG for NLB.
--> https://aws.amazon.com/blogs/containers/network-load-balancers-now-support-security-groups/
--> https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-security-groups.html
- is duplicated by
  - RFE-5388 Support for Security Groups in AWS Load Balancer Operator (Rejected)
  - RFE-5440 Let Ingresscontroller NLB to have its own security group instead of using backend EC2 instance security group - ROSA (Accepted)
- relates to
  - RFE-5087 Ingress CLB on AWS with Security Group Ingress Rules Source refer to Cluster CIDR (Under Review)