apiVersion: "cilium.io/v2"
kind: CiliumNetworkPolicy
metadata:
  name: "cilium-policy-allow-google"
  namespace: public-xray
spec:
  endpointSelector:
    matchLabels:
      app.kubernetes.io/instance: server-xray-public
      app.kubernetes.io/name: server-xray
  egress:
    - toPorts:
        - ports:
            - port: "53"
              protocol: ANY
    - toPorts:
        - ports:
            - port: "80"
              protocol: ANY
            - port: "8080"
              protocol: ANY
            - port: "443"
              protocol: ANY
            - port: "27015"
              protocol: ANY
            - port: "45000"
              endPort: 60000
              protocol: UDP
      toEntities:
        - world
        - host
        - remote-node