User Story:

As a cluster admin, I want the AWS Cloud Controller Manager NLB security group management feature available in GA (generally available) to OpenShift, so that the feature will be available in the core and can benefit from automatic NLB security group configuration without TechPreview restrictions.

OCP feature gate configuration: https://github.com/openshift/api/pull/2354/changes#diff-a8b6135d50534471326ea7bcd20e0f5eae25353f7788338060f718128a6a0b34R818-R824 

Description

Promote the NLB Security Group Management feature from TechPreview to GA by removing the TechPreviewNoUpgrade gate and enabling NLBSecurityGroupMode = "Managed".

Implementation location:

• File: control-plane-operator/controllers/hostedcontrolplane/v2/cloud_controller_manager/aws/config.go
• Remove TechPreview gate condition
• Enable NLBSecurityGroupMode by default for all ROSA HCP clusters

Acceptance Criteria

• Test that NLBSecurityGroupMode = "Managed" is included in CCM cloud-config for ALL ROSA HCP clusters (regardless of feature set)
• Verify that clusters upgraded from TechPreview continue to work without changes
• Test that new clusters created without TechPreview have NLBSecurityGroupMode enabled
• Verify backward compatibility: clusters created before this change continue to function
• Test that the feature works correctly across supported OpenShift versions

Additional Context

• Depends on: SPLAT-2587 (TechPreview implementation must be stable)
• Requires: Validation period in TechPreview (recommend 1-2 releases)
• Out of scope: Documentation (separate story [ SPLAT-2589 ])

Prerequisites

• Feature validated in TechPreview for at least 1 release cycle
• No critical bugs reported against TechPreview implementation
• AWS CCM upstream feature is stable