How to categorize this issue?

/area usability
/kind enhancement
/kind epic

What would you like to be added:

As described in GEP-33: Machine Image Capabilities gardener plans to introduce capabilities for machineType and machineImage in the Gardener CloudProfile to ensure only shoots with a matching set of capabilities on machine type and image will be admitted by Gardener. This will prevent the creation of incompatible worker pools on shoot creation and maintenance operations. It will also provide a mechanism to filter incompatible images for a machine type in the Gardener Dashboard. These mechanisms are prerequisites for other features, like worker nodes with SecureBoot #11898.

The Implementation can be described in several phases:

1. Capability introduction to gardener/gardener:

• add Feature Gate [GEP-33] Introduce Capabilities support to CloudProfile API #11736
• add Capabilities validation to CloudProfile and NamespacedCloudprofile API [GEP-33] Introduce Capabilities support to CloudProfile API #11736
• CloudProfile & NamespacedCloudprofile admission [GEP-33] Introduce Capabilities support to CloudProfile API #11736
• adjust Bastion OS Image selection [GEP-33] Introduce Capabilities support to CloudProfile API #11736
• implement Shoot & worker admission [GEP-33] Introduce Capabilities validation during Shoot admission #12473
• implement capability based upgrades in maintenance-controller [GEP-33] Add Capabilities support to Worker MachineImage Version defaulting #12529
• release capability feature:
  • Alpha [GEP-33] Introduce Capabilities support to CloudProfile API #11736
  • Beta
  • General availability

2. Capability introduction to gardener/gardener-extension-provider:

• Cloudprofile ProviderConfig validation:
  • local [GEP-33] Machine Capabilities support for provider local #12751
  • aws [GEP-33] Add CapabilitySets to MachineImageVersion validation gardener-extension-provider-aws#1306
  • azure
  • alicloud
  • gcp [GEP-33] Add CapabilitySets to MachineImageVersion validation gardener-extension-provider-gcp#1067
• Capability based image version selection, e.g. for worker or bastion:
  • local [GEP-33] Machine Capabilities support for provider local #12751
  • aws [GEP-33] Capabilities based MachineClass creation gardener-extension-provider-aws#1458
  • azure
  • alicloud
  • gcp

3. Architecture Deprecation

• mark architecture on machineImage and machineType as deprecated
• remove architecture fields during cloudprofile, worker... reconciles

5. Capability Enforcement

• enforce capabilities usage in cloudprofile admission
• mark capabilities as mandatory in all relevant APIs

6. Architecture Removal

• remove deprecated architecture api fields