
OIDC whitelist on custom actions

Open AJensen13 opened this issue 4 months ago • 0 comments

Is your feature request related to a problem? I have some environments that are behind Cognito auth and there was a request to whitelist the company's VPN CIDR so internally other employees could hit an environment without having to go through authentication. As far as I understand, auth gets assigned to all actions automatically if the ingress annotation is set.

Why use auth at all and not just limit any inbound traffic to the CIDR? We do have 3rd parties that we work with that should be able to hit these environments and, rather than do a bunch of whitelisting, we would like them to authenticate, hence leaving traffic open on 0.0.0.0/0.

Describe the solution you'd like When setting up a custom action on the ingress annotations, adding a value to the config that would disable auth on that specific action. Admittedly, this would probably only apply to actions with type forward.

E.g. { "type": "forward", "forwardConfig": { "bypassAuth": "true", "targetGroups": [] } }

Describe alternatives you've considered Again, to my understanding, auth is implemented as an all-or-nothing approach, so I'm not sure there's any way around it short of removing auth entirely.

AJensen13 · Oct 17 '24 14:10
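An added example, not code from this issue or from the controller project, of expressing the split the request describes with annotations the controller documents today: two Ingresses in one IngressGroup, an unauthenticated rule evaluated first and scoped by a source-ip condition to the VPN range, and the Cognito-protected catch-all behind it. It relies on the auth-* annotations applying per Ingress rather than group-wide, and assumes a Service `web` on port 80 in the default namespace, the group name `env`, the constructed 10.20.0.0/16 range and the bracketed ARN/ID placeholders.

```yaml
# Added illustration; assumes group "env", Service "web":80, placeholder ARNs/IDs, constructed VPN CIDR.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-vpn
  annotations:
    alb.ingress.kubernetes.io/group.name: env
    alb.ingress.kubernetes.io/group.order: "10"   # lower order is evaluated first
    alb.ingress.kubernetes.io/auth-type: none
    # Only requests whose source IP, as the ALB sees it, is inside the VPN CIDR match this rule.
    alb.ingress.kubernetes.io/conditions.web: >
      [{"field":"source-ip","sourceIpConfig":{"values":["10.20.0.0/16"]}}]
    alb.ingress.kubernetes.io/actions.web: >
      {"type":"forward","forwardConfig":{"targetGroups":[{"serviceName":"web","servicePort":"80"}]}}
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: web
                port:
                  name: use-annotation
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-public
  annotations:
    alb.ingress.kubernetes.io/group.name: env
    alb.ingress.kubernetes.io/group.order: "20"
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'   # auth needs an HTTPS listener
    alb.ingress.kubernetes.io/certificate-arn: <CERT_ARN>
    alb.ingress.kubernetes.io/auth-type: cognito
    alb.ingress.kubernetes.io/auth-idp-cognito: >
      {"userPoolARN":"<USER_POOL_ARN>","userPoolClientID":"<CLIENT_ID>","userPoolDomain":"<DOMAIN>"}
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: web
                port:
                  number: 80
```

The source-ip condition matches the address the ALB itself sees, so VPN traffic that reaches the load balancer through a NAT or another proxy has to be matched on that egress range, and any client outside it still lands on the Cognito rule.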