Allow the creation of ICMP rules in NLB security group

[jenademoodley]

Is your feature request related to a problem? ICMP inbound traffic is necessary for Path MTU Discovery: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-security-groups.html#filter-client-traffic-recommended-rules

Describe the solution you'd like A configuration to allow the creation of the ICMP rule to cater for Path MTU discovery. Since it is not always desirable to allow inbound ICMP this should be a flag or annotation.

Describe alternatives you've considered Currently using a custom security group service.beta.kubernetes.io/aws-load-balancer-security-groups