From 74181b06b9ac9ce9a312afb6f876b4ebad21622e Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@itpartner.no>
Date: Thu, 18 Apr 2024 15:49:53 +0200
Subject: [PATCH] feat: globally allow oidc login via microsoft

---
 .../network-policies/allow-microsoft-oidc-login.yaml   | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 resources/oceanbox-cluster/network-policies/allow-microsoft-oidc-login.yaml

diff --git a/resources/oceanbox-cluster/network-policies/allow-microsoft-oidc-login.yaml b/resources/oceanbox-cluster/network-policies/allow-microsoft-oidc-login.yaml
new file mode 100644
index 00000000..d53abc01
--- /dev/null
+++ b/resources/oceanbox-cluster/network-policies/allow-microsoft-oidc-login.yaml
@@ -0,0 +1,10 @@
+apiVersion: cilium.io/v2
+kind: CiliumClusterwideNetworkPolicy
+metadata:
+  name: allow-microsoft-oidc-login
+spec:
+  endpointSelector: {}
+  egress:
+  - toFQDNs:
+    - matchName: login.microsoftonline.com
+    - matchPattern: '*.microsoftonline.com'