User Story:

As a cluster admin, I want the AWS Cloud Controller Manager NLB security group management feature available in GA (generally available), so that all ROSA HCP clusters can benefit from automatic NLB security group configuration without TechPreview restrictions.

Description

Promote the NLB Security Group Management feature from TechPreview to GA by removing the TechPreviewNoUpgrade gate and enabling NLBSecurityGroupMode = "Managed" for all ROSA HCP clusters by default.

Implementation location:

• File: control-plane-operator/controllers/hostedcontrolplane/v2/cloud_controller_manager/aws/config.go
• Remove TechPreview gate condition
• Enable NLBSecurityGroupMode by default for all ROSA HCP clusters

Acceptance Criteria

• Test that NLBSecurityGroupMode = "Managed" is included in CCM cloud-config for ALL ROSA HCP clusters (regardless of feature set)
• Verify that clusters upgraded from TechPreview continue to work without changes
• Test that new clusters created without TechPreview have NLBSecurityGroupMode enabled
• Verify backward compatibility: clusters created before this change continue to function
• Test that the feature works correctly across supported OpenShift versions

Additional Context

• Depends on: SPLAT-2587 (TechPreview implementation must be stable)
• Requires: Validation period in TechPreview (recommend 1-2 releases)
• Out of scope: Documentation (separate story [SPLAT-XXXX])

Prerequisites

• Feature validated in TechPreview for at least 1 release cycle
• No critical bugs reported against TechPreview implementation
• AWS CCM upstream feature is stable