weinong/block-imds.yaml

## block-imds.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: deny-egress-to-imds
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - ipBlock:
            cidr: 0.0.0.0/0
            except:
              - 169.254.169.254/32
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
        - podSelector:
            matchLabels:
              k8s-app: kube-dns
	apiVersion: networking.k8s.io/v1
	kind: NetworkPolicy
	metadata:
	name: deny-egress-to-imds
	spec:
	podSelector: {}
	policyTypes:
	- Egress
	egress:
	- to:
	- ipBlock:
	cidr: 0.0.0.0/0
	except:
	- 169.254.169.254/32
	- namespaceSelector:
	matchLabels:
	kubernetes.io/metadata.name: kube-system
	- podSelector:
	matchLabels:
	k8s-app: kube-dns
No results found