apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: allow-api-server
  namespace: cert-manager
spec:
  description: Allow the Kube API server to communicate with cert-manager
  egress:
    - toEntities:
        - kube-apiserver
  endpointSelector:
    matchLabels: {}