home-cluster-ops/kubernetes/infrastructure/cilium/networkpolicies/egress-kube-dns.yaml

apiVersion: cilium.io/v2
kind: CiliumClusterwideNetworkPolicy
metadata:
  name: egress-kube-dns
  namespace: kube-system
spec:
  endpointSelector:
    matchExpressions:
      - key: rpi5.cluster.policy/egress-kube-dns
        operator: NotIn
        values:
          - "false"
  egress:
    - toEndpoints:
        - matchLabels:
            io.kubernetes.pod.namespace: kube-system
            k8s-app: kube-dns
      toPorts:
        - ports:
            - port: "53"