You can now use an API Server VNet Integration to ensure network traffic between your API server and your node pools remains on the private network only.
Public preview: API Server VNET Integration for AKS private cluster
You can now use an API Server VNet Integration to ensure network traffic between your API server and your node pools remains on the private network only.