apiVersion: "cilium.io/v2" kind: CiliumNetworkPolicy metadata: name: "cilium-policy-allow-google" namespace: public-xray spec: endpointSelector: matchLabels: app.kubernetes.io/instance: server-xray-public app.kubernetes.io/name: server-xray egress: - toPorts: - ports: - port: "80" protocol: TCP - port: "443" protocol: TCP toCIDR: - 8.8.4.0/24 - 8.8.8.0/24 - 8.34.208.0/20 - 8.35.192.0/20 - 23.236.48.0/20 - 23.251.128.0/19 - 34.0.0.0/15 - 34.2.0.0/16 - 34.3.0.0/23 - 34.3.3.0/24 - 34.3.4.0/24 - 34.3.8.0/21 - 34.3.16.0/20 - 34.3.32.0/19 - 34.3.64.0/18 - 34.4.0.0/14 - 34.8.0.0/13 - 34.16.0.0/12 - 34.32.0.0/11 - 34.64.0.0/10 - 34.128.0.0/10 - 35.184.0.0/13 - 35.192.0.0/14 - 35.196.0.0/15 - 35.198.0.0/16 - 35.199.0.0/17 - 35.199.128.0/18 - 35.200.0.0/13 - 35.208.0.0/12 - 35.224.0.0/12 - 35.240.0.0/13 - 57.140.192.0/18 - 64.15.112.0/20 - 64.233.160.0/19 - 66.22.228.0/23 - 66.102.0.0/20 - 66.249.64.0/19 - 70.32.128.0/19 - 72.14.192.0/18 - 74.125.0.0/16 - 104.154.0.0/15 - 104.196.0.0/14 - 104.237.160.0/19 - 107.167.160.0/19 - 107.178.192.0/18 - 108.59.80.0/20 - 108.170.192.0/18 - 108.177.0.0/17 - 130.211.0.0/16 - 136.22.160.0/20 - 136.22.176.0/21 - 136.22.184.0/23 - 136.22.186.0/24 - 136.124.0.0/15 - 142.250.0.0/15 - 146.148.0.0/17 - 152.65.208.0/22 - 152.65.214.0/23 - 152.65.218.0/23 - 152.65.222.0/23 - 152.65.224.0/19 - 162.120.128.0/17 - 162.216.148.0/22 - 162.222.176.0/21 - 172.110.32.0/21 - 172.217.0.0/16 - 172.253.0.0/16 - 173.194.0.0/16 - 173.255.112.0/20 - 192.158.28.0/22 - 192.178.0.0/15 - 193.186.4.0/24 - 199.36.154.0/23 - 199.36.156.0/24 - 199.192.112.0/22 - 199.223.232.0/21 - 207.223.160.0/20 - 208.65.152.0/22 - 208.68.108.0/22 - 208.81.188.0/22 - 208.117.224.0/19 - 209.85.128.0/17 - 216.58.192.0/19 - 216.73.80.0/20 - 216.239.32.0/19 - 2001:4860::/32 - 2404:6800::/32 - 2404:f340::/32 - 2600:1900::/28 - 2605:ef80::/32 - 2606:40::/32 - 2606:73c0::/32 - 2607:1c0:300::/40 - 2607:f8b0::/32 - 2620:11a:a000::/40 - 2620:120:e000::/40 - 2800:3f0::/32 - 2a00:1450::/32 - 2c0f:fb50::/32 toFQDNs: - matchPattern: "google.com" - matchPattern: "google.ad" - matchPattern: "google.ae" - matchPattern: "google.com.af" - matchPattern: "google.com.ag" - matchPattern: "google.al" - matchPattern: "google.am" - matchPattern: "google.co.ao" - matchPattern: "google.com.ar" - matchPattern: "google.as" - matchPattern: "google.at" - matchPattern: "google.com.au" - matchPattern: "google.az" - matchPattern: "google.ba" - matchPattern: "google.com.bd" - matchPattern: "google.be" - matchPattern: "google.bf" - matchPattern: "google.bg" - matchPattern: "google.com.bh" - matchPattern: "google.bi" - matchPattern: "google.bj" - matchPattern: "google.com.bn" - matchPattern: "google.com.bo" - matchPattern: "google.com.br" - matchPattern: "google.bs" - matchPattern: "google.bt" - matchPattern: "google.co.bw" - matchPattern: "google.by" - matchPattern: "google.com.bz" - matchPattern: "google.ca" - matchPattern: "google.cd" - matchPattern: "google.cf" - matchPattern: "google.cg" - matchPattern: "google.ch" - matchPattern: "google.ci" - matchPattern: "google.co.ck" - matchPattern: "google.cl" - matchPattern: "google.cm" - matchPattern: "google.cn" - matchPattern: "google.com.co" - matchPattern: "google.co.cr" - matchPattern: "google.com.cu" - matchPattern: "google.cv" - matchPattern: "google.com.cy" - matchPattern: "google.cz" - matchPattern: "google.de" - matchPattern: "google.dj" - matchPattern: "google.dk" - matchPattern: "google.dm" - matchPattern: "google.com.do" - matchPattern: "google.dz" - matchPattern: "google.com.ec" - matchPattern: "google.ee" - matchPattern: "google.com.eg" - matchPattern: "google.es" - matchPattern: "google.com.et" - matchPattern: "google.fi" - matchPattern: "google.com.fj" - matchPattern: "google.fm" - matchPattern: "google.fr" - matchPattern: "google.ga" - matchPattern: "google.ge" - matchPattern: "google.gg" - matchPattern: "google.com.gh" - matchPattern: "google.com.gi" - matchPattern: "google.gl" - matchPattern: "google.gm" - matchPattern: "google.gr" - matchPattern: "google.com.gt" - matchPattern: "google.gy" - matchPattern: "google.com.hk" - matchPattern: "google.hn" - matchPattern: "google.hr" - matchPattern: "google.ht" - matchPattern: "google.hu" - matchPattern: "google.co.id" - matchPattern: "google.ie" - matchPattern: "google.co.il" - matchPattern: "google.im" - matchPattern: "google.co.in" - matchPattern: "google.iq" - matchPattern: "google.is" - matchPattern: "google.it" - matchPattern: "google.je" - matchPattern: "google.com.jm" - matchPattern: "google.jo" - matchPattern: "google.co.jp" - matchPattern: "google.co.ke" - matchPattern: "google.com.kh" - matchPattern: "google.ki" - matchPattern: "google.kg" - matchPattern: "google.co.kr" - matchPattern: "google.com.kw" - matchPattern: "google.kz" - matchPattern: "google.la" - matchPattern: "google.com.lb" - matchPattern: "google.li" - matchPattern: "google.lk" - matchPattern: "google.co.ls" - matchPattern: "google.lt" - matchPattern: "google.lu" - matchPattern: "google.lv" - matchPattern: "google.com.ly" - matchPattern: "google.co.ma" - matchPattern: "google.md" - matchPattern: "google.me" - matchPattern: "google.mg" - matchPattern: "google.mk" - matchPattern: "google.ml" - matchPattern: "google.com.mm" - matchPattern: "google.mn" - matchPattern: "google.com.mt" - matchPattern: "google.mu" - matchPattern: "google.mv" - matchPattern: "google.mw" - matchPattern: "google.com.mx" - matchPattern: "google.com.my" - matchPattern: "google.co.mz" - matchPattern: "google.com.na" - matchPattern: "google.com.ng" - matchPattern: "google.com.ni" - matchPattern: "google.ne" - matchPattern: "google.nl" - matchPattern: "google.no" - matchPattern: "google.com.np" - matchPattern: "google.nr" - matchPattern: "google.nu" - matchPattern: "google.co.nz" - matchPattern: "google.com.om" - matchPattern: "google.com.pa" - matchPattern: "google.com.pe" - matchPattern: "google.com.pg" - matchPattern: "google.com.ph" - matchPattern: "google.com.pk" - matchPattern: "google.pl" - matchPattern: "google.pn" - matchPattern: "google.com.pr" - matchPattern: "google.ps" - matchPattern: "google.pt" - matchPattern: "google.com.py" - matchPattern: "google.com.qa" - matchPattern: "google.ro" - matchPattern: "google.ru" - matchPattern: "google.rw" - matchPattern: "google.com.sa" - matchPattern: "google.com.sb" - matchPattern: "google.sc" - matchPattern: "google.se" - matchPattern: "google.com.sg" - matchPattern: "google.sh" - matchPattern: "google.si" - matchPattern: "google.sk" - matchPattern: "google.com.sl" - matchPattern: "google.sn" - matchPattern: "google.so" - matchPattern: "google.sm" - matchPattern: "google.sr" - matchPattern: "google.st" - matchPattern: "google.com.sv" - matchPattern: "google.td" - matchPattern: "google.tg" - matchPattern: "google.co.th" - matchPattern: "google.com.tj" - matchPattern: "google.tl" - matchPattern: "google.tm" - matchPattern: "google.tn" - matchPattern: "google.to" - matchPattern: "google.com.tr" - matchPattern: "google.tt" - matchPattern: "google.com.tw" - matchPattern: "google.co.tz" - matchPattern: "google.com.ua" - matchPattern: "google.co.ug" - matchPattern: "google.co.uk" - matchPattern: "google.com.uy" - matchPattern: "google.co.uz" - matchPattern: "google.com.vc" - matchPattern: "google.co.ve" - matchPattern: "google.co.vi" - matchPattern: "google.com.vn" - matchPattern: "google.vu" - matchPattern: "google.ws" - matchPattern: "google.rs" - matchPattern: "google.co.za" - matchPattern: "google.co.zm" - matchPattern: "google.co.zw" - matchPattern: "google.cat" - matchPattern: "*.google.com" - matchPattern: "*.google.ad" - matchPattern: "*.google.ae" - matchPattern: "*.google.com.af" - matchPattern: "*.google.com.ag" - matchPattern: "*.google.al" - matchPattern: "*.google.am" - matchPattern: "*.google.co.ao" - matchPattern: "*.google.com.ar" - matchPattern: "*.google.as" - matchPattern: "*.google.at" - matchPattern: "*.google.com.au" - matchPattern: "*.google.az" - matchPattern: "*.google.ba" - matchPattern: "*.google.com.bd" - matchPattern: "*.google.be" - matchPattern: "*.google.bf" - matchPattern: "*.google.bg" - matchPattern: "*.google.com.bh" - matchPattern: "*.google.bi" - matchPattern: "*.google.bj" - matchPattern: "*.google.com.bn" - matchPattern: "*.google.com.bo" - matchPattern: "*.google.com.br" - matchPattern: "*.google.bs" - matchPattern: "*.google.bt" - matchPattern: "*.google.co.bw" - matchPattern: "*.google.by" - matchPattern: "*.google.com.bz" - matchPattern: "*.google.ca" - matchPattern: "*.google.cd" - matchPattern: "*.google.cf" - matchPattern: "*.google.cg" - matchPattern: "*.google.ch" - matchPattern: "*.google.ci" - matchPattern: "*.google.co.ck" - matchPattern: "*.google.cl" - matchPattern: "*.google.cm" - matchPattern: "*.google.cn" - matchPattern: "*.google.com.co" - matchPattern: "*.google.co.cr" - matchPattern: "*.google.com.cu" - matchPattern: "*.google.cv" - matchPattern: "*.google.com.cy" - matchPattern: "*.google.cz" - matchPattern: "*.google.de" - matchPattern: "*.google.dj" - matchPattern: "*.google.dk" - matchPattern: "*.google.dm" - matchPattern: "*.google.com.do" - matchPattern: "*.google.dz" - matchPattern: "*.google.com.ec" - matchPattern: "*.google.ee" - matchPattern: "*.google.com.eg" - matchPattern: "*.google.es" - matchPattern: "*.google.com.et" - matchPattern: "*.google.fi" - matchPattern: "*.google.com.fj" - matchPattern: "*.google.fm" - matchPattern: "*.google.fr" - matchPattern: "*.google.ga" - matchPattern: "*.google.ge" - matchPattern: "*.google.gg" - matchPattern: "*.google.com.gh" - matchPattern: "*.google.com.gi" - matchPattern: "*.google.gl" - matchPattern: "*.google.gm" - matchPattern: "*.google.gr" - matchPattern: "*.google.com.gt" - matchPattern: "*.google.gy" - matchPattern: "*.google.com.hk" - matchPattern: "*.google.hn" - matchPattern: "*.google.hr" - matchPattern: "*.google.ht" - matchPattern: "*.google.hu" - matchPattern: "*.google.co.id" - matchPattern: "*.google.ie" - matchPattern: "*.google.co.il" - matchPattern: "*.google.im" - matchPattern: "*.google.co.in" - matchPattern: "*.google.iq" - matchPattern: "*.google.is" - matchPattern: "*.google.it" - matchPattern: "*.google.je" - matchPattern: "*.google.com.jm" - matchPattern: "*.google.jo" - matchPattern: "*.google.co.jp" - matchPattern: "*.google.co.ke" - matchPattern: "*.google.com.kh" - matchPattern: "*.google.ki" - matchPattern: "*.google.kg" - matchPattern: "*.google.co.kr" - matchPattern: "*.google.com.kw" - matchPattern: "*.google.kz" - matchPattern: "*.google.la" - matchPattern: "*.google.com.lb" - matchPattern: "*.google.li" - matchPattern: "*.google.lk" - matchPattern: "*.google.co.ls" - matchPattern: "*.google.lt" - matchPattern: "*.google.lu" - matchPattern: "*.google.lv" - matchPattern: "*.google.com.ly" - matchPattern: "*.google.co.ma" - matchPattern: "*.google.md" - matchPattern: "*.google.me" - matchPattern: "*.google.mg" - matchPattern: "*.google.mk" - matchPattern: "*.google.ml" - matchPattern: "*.google.com.mm" - matchPattern: "*.google.mn" - matchPattern: "*.google.com.mt" - matchPattern: "*.google.mu" - matchPattern: "*.google.mv" - matchPattern: "*.google.mw" - matchPattern: "*.google.com.mx" - matchPattern: "*.google.com.my" - matchPattern: "*.google.co.mz" - matchPattern: "*.google.com.na" - matchPattern: "*.google.com.ng" - matchPattern: "*.google.com.ni" - matchPattern: "*.google.ne" - matchPattern: "*.google.nl" - matchPattern: "*.google.no" - matchPattern: "*.google.com.np" - matchPattern: "*.google.nr" - matchPattern: "*.google.nu" - matchPattern: "*.google.co.nz" - matchPattern: "*.google.com.om" - matchPattern: "*.google.com.pa" - matchPattern: "*.google.com.pe" - matchPattern: "*.google.com.pg" - matchPattern: "*.google.com.ph" - matchPattern: "*.google.com.pk" - matchPattern: "*.google.pl" - matchPattern: "*.google.pn" - matchPattern: "*.google.com.pr" - matchPattern: "*.google.ps" - matchPattern: "*.google.pt" - matchPattern: "*.google.com.py" - matchPattern: "*.google.com.qa" - matchPattern: "*.google.ro" - matchPattern: "*.google.ru" - matchPattern: "*.google.rw" - matchPattern: "*.google.com.sa" - matchPattern: "*.google.com.sb" - matchPattern: "*.google.sc" - matchPattern: "*.google.se" - matchPattern: "*.google.com.sg" - matchPattern: "*.google.sh" - matchPattern: "*.google.si" - matchPattern: "*.google.sk" - matchPattern: "*.google.com.sl" - matchPattern: "*.google.sn" - matchPattern: "*.google.so" - matchPattern: "*.google.sm" - matchPattern: "*.google.sr" - matchPattern: "*.google.st" - matchPattern: "*.google.com.sv" - matchPattern: "*.google.td" - matchPattern: "*.google.tg" - matchPattern: "*.google.co.th" - matchPattern: "*.google.com.tj" - matchPattern: "*.google.tl" - matchPattern: "*.google.tm" - matchPattern: "*.google.tn" - matchPattern: "*.google.to" - matchPattern: "*.google.com.tr" - matchPattern: "*.google.tt" - matchPattern: "*.google.com.tw" - matchPattern: "*.google.co.tz" - matchPattern: "*.google.com.ua" - matchPattern: "*.google.co.ug" - matchPattern: "*.google.co.uk" - matchPattern: "*.google.com.uy" - matchPattern: "*.google.co.uz" - matchPattern: "*.google.com.vc" - matchPattern: "*.google.co.ve" - matchPattern: "*.google.co.vi" - matchPattern: "*.google.com.vn" - matchPattern: "*.google.vu" - matchPattern: "*.google.ws" - matchPattern: "*.google.rs" - matchPattern: "*.google.co.za" - matchPattern: "*.google.co.zm" - matchPattern: "*.google.co.zw" - matchPattern: "*.google.cat"