Securely Isolate Kong Admin API and Kong Manager Services using VPN CIDR on AWS EKS Cluster

[MFaouri]

Issue Description

I have deployed Kong on an AWS EKS cluster and I am facing a security concern. I need to find a way to separate the Kong Admin API and Kong Manager services from being publicly exposed. Instead, I want to restrict access to them only through a VPN CIDR. I am seeking assistance in implementing this solution.
Problem Statement

Currently, my Kong Admin API and Kong Manager services are accessible publicly, which poses a security risk. I want to enhance the security of my deployment by isolating these services and allowing access only from a specific VPN CIDR.
Desired Solution

I am looking for guidance on implementing a solution to securely isolate the Kong Admin API and Kong Manager services. Specifically, I want to achieve the following objectives:

1- Restrict public access to the Kong Admin API and Kong Manager services.
2- Configure access to these services only through a specific VPN CIDR.
3- Ensure that the solution is compatible with my AWS EKS cluster deployment.

Steps to Reproduce

Deploy Kong on an AWS EKS cluster.
Access the Kong Admin API and Kong Manager services.
Observe that both services are publicly exposed.
Attempt to restrict access to the services using a VPN CIDR.
Encounter difficulties or limitations in implementing the desired solution.

Expected Outcome

After implementing the solution, I expect the following:

The Kong Admin API and Kong Manager services should not be publicly accessible.
Access to these services should be limited to the specified VPN CIDR.
The solution should integrate seamlessly with my existing AWS EKS cluster deployment.

Additional Information:
1- AWS EKS cluster version: 2.26
2- Kong version: 3.2

Any assistance or guidance on resolving this issue would be greatly appreciated. Thank you in advance for your help!