We want to control what is exposed onto the internet and what is available within the organisation.

The flows are exposed but the admin gui / api are only accessible within the organisation.

Currently we're considering filtering at the load balancer essentially whitelisting traffic.

The admin GUI is accessed internally within the organisation.

Alternatively is there a way to config off admin ui & api and only deploy this into production? With the admin deployed internally?