@@ -112,6 +112,24 @@ resource "aws_security_group" "additional" {
]
}
+ # allow control-plane to access webhook
+ ingress {
+ from_port = 9443
+ to_port = 9443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ from_port = 443
+ to_port = 443
# 443, 53, 123 is already allowed
egress {
from_port = 80
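Review bot: The new ingress rule for port 9443 admits `0.0.0.0/0` and `::/0`, but its comment says the rule exists only so the control plane can reach the webhook, so the source should be limited to that caller. Replacing the two CIDR lines with `security_groups = [<control-plane security group id>]` would do this; if no such group is available, a `cidr_blocks` entry restricted to the VPC range is the fallback. As written, any host that can route to instances carrying this group can reach the webhook listener. Whether that includes the internet depends on subnet and routing configuration not shown here. The `from_port = 443` / `to_port = 443` lines appear without their enclosing block in this view, and the resource body starts and ends outside the hunk, so the second added rule should be checked for the same open-source pattern.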