I have an Amazon Elastic Kubernetes Service (EKS) cluster running in my private subnet. I've created a kubeconfig file for a user, let's call it the "lens user." However, I've noticed that anyone with this kubeconfig file can connect to the EKS cluster, which is a security concern.
Is there a way to restrict access to my EKS cluster so that only users with the kubeconfig file can access it, but only if they are connected through a specific IP address (e.g., connected to a VPN)? I want to ensure that access to the EKS cluster is tightly controlled and limited to a specific set of trusted IPs.
I'd appreciate any guidance on how to configure EKS or Kubernetes RBAC policies to achieve this level of access control. Thank you!