Set ASG subnet to only private subnets

[sedefsavas]

In AWSMachinePool, if subnets are not specified, we add all available subnets to the AutoScalingGroup.
Instead, the default should be only private subnets IMO.

cluster-api-provider-aws/pkg/cloud/services/autoscaling/autoscalinggroup.go

Lines 148 to 152 in da8c0c4

	if len(subnetIDs) == 0 {
	for _, subnet := range scope.InfraCluster.Subnets() {
	subnetIDs = append(subnetIDs, subnet.ID)
	}
	}

What do you all think?

[randomvariable]

/kind bug

[paurosello]

Hello @sedefsavas I think this feature is pretty much required in most scenarios.

I cannot think of a case were we want to have machines in public subnets.

I tried using filters for subnets in the MachinePool to overcome this issue but as pointed out in the code on the initial comment, only the ID is used, filters are ignored. This is how it would look like with a filter:

   subnets:
     - filters:
       - name: sigs.k8s.io/cluster-api-provider-aws/role
         values:
           - private

[sedefsavas]

@paurosello
This PR fixed this issue by only selecting the private control-plane subnets: #2302

cluster-api-provider-aws/pkg/cloud/scope/shared.go

Lines 68 to 70 in f7ef6f4

	// 4. All the private subnets from the control plane are used
	// In Cluster API Availability Zone can also be referred to by the name `Failure Domain`
	func (p *defaultSubnetPlacementStrategy) Place(input *placementInput) ([]string, error) {

Is there another scenario this fix does not cover?

[paurosello]

Oh, that's nice already. We were thinking on using the filters to assign specific MachinePools to specific subnets with filters but I think it would be a completely different issue right?