apiVersion: v1alpha1
kind: NetworkRuleConfig
name: ingress-apid # Name of the config document.
# Port selector defines which ports and protocols on the host are affected by the rule.
portSelector:
    # Ports defines a list of port ranges or single ports.
    ports:
        - 50000
    protocol: tcp # Protocol defines traffic protocol (e.g. TCP or UDP).
# Ingress defines which source subnets are allowed to access the host ports/protocols defined by the `portSelector`.
ingress:
    - subnet: 192.168.0.0/16 # Subnet defines a source subnet.
FieldTypeDescriptionValue(s)
namestringName of the config document.
portSelectorRulePortSelectorPort selector defines which ports and protocols on the host are affected by the rule.
ingress[]IngressRuleIngress defines which source subnets are allowed to access the host ports/protocols defined by the portSelector.

​
portSelector

RulePortSelector is a port selector for the network rule.
FieldTypeDescriptionValue(s)
portsPortRanges
Ports defines a list of port ranges or single ports.The port ranges are inclusive, and should not overlap.
Show example(s)ports:
- 80
- 443

ports:
- 1200-1299
- 8080
protocolProtocolProtocol defines traffic protocol (e.g. TCP or UDP).tcp
udp
icmp
icmpv6

​
ingress[]

IngressRule is a ingress rule.
FieldTypeDescriptionValue(s)
subnetPrefixSubnet defines a source subnet.
Show example(s)subnet: 10.3.4.0/24
subnet: 2001:db8::/32
subnet: 1.3.4.5/32
exceptPrefixExcept defines a source subnet to exclude from the rule, it gets excluded from the subnet.