File tree Expand file tree Collapse file tree 1 file changed +10
-10
lines changed
Expand file tree Collapse file tree 1 file changed +10
-10
lines changed Original file line number Diff line number Diff line change @@ -21,14 +21,13 @@ spec:
2121
2222 egress :
2323 # Need to be able to talk to api server
24- - toEndpoints :
25- - matchLabels :
26- " k8s:io.kubernetes.pod.namespace " kube-system
27- # Allow (limited) DNS queries
28- - toEndpoints :
29- - matchLabels :
30- " k8s:io.kubernetes.pod.namespace " kube-system
31- " k8s:k8s-app " kube-dns
24+ # TODO: toEndpoints doesn't seem to work for me here?
25+ - toEntities :
26+ - cluster
27+ # Allow (limited) DNS queries to kube-dns
28+ - toEntities :
29+ # TODO: only allow talking to kube-dns
30+ - cluster
3231 toPorts :
3332 - ports :
3433 - port : " 53"
3736 dns :
3837 - matchPattern : " *.amazonaws.com"
3938 # Allow HTTP connections to AWS services
40- - toFQDNs :
41- - matchPattern : " *.amazonaws.com "
39+ - toEntities :
40+ - world
4241 toPorts :
4342 - ports :
4443 - port : " 443"
4544 protocol : TCP
45+ # TODO: only allow talking to route 53
You can’t perform that action at this time.
0 commit comments