cozystack
Create VM with public IP, but accessible only from certain public IPs
It's not possible to create a VM with a public IP, but accessible only from certain IPs. Currently, VMs' IPs and ports are exposed by a CiliumNetworkPolicy with a permissive ingress rule (anyone can access a determined list of ports), so additional network policies have no effect.
Desired result: I can create a VM accessible via SSH only from a certain IP address (e.g. accessible only from my local machine).
I think we need to solve this problem in a more complex way, by introducing security policies.
The main reason is that every VM can have multiple ports running, e.g. SSH and HTTP. A user might want to limit SSH access from specific IPs but not limit HTTP.
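An added illustration, not part of the thread and not cozystack's own manifests: the shape of a permissive ingress rule beside a per-port replacement that restricts SSH to one source address while leaving HTTP open. The policy names, namespace, selector label, ports and the 203.0.113.10 address are constructed placeholders.

```yaml
# Constructed sketch of the permissive shape described in the issue:
# every external source ("world") may reach the listed ports.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: vm-example-permissive        # hypothetical name
  namespace: tenant-example          # hypothetical namespace
spec:
  endpointSelector:
    matchLabels:
      vm.example/name: my-vm         # hypothetical label selecting the VM pod
  ingress:
    - fromEntities: ["world"]
      toPorts:
        - ports:
            - {port: "22", protocol: TCP}
            - {port: "80", protocol: TCP}
---
# Per-port replacement. Allow rules from all policies selecting an endpoint
# are unioned, so this must replace the policy above, not be added beside it:
# while the permissive rule exists, port 22 stays open to everyone.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: vm-example-restricted        # hypothetical name
  namespace: tenant-example
spec:
  endpointSelector:
    matchLabels:
      vm.example/name: my-vm
  ingress:
    # SSH only from one address (documentation range, stands in for
    # "my local machine").
    - fromCIDR: ["203.0.113.10/32"]
      toPorts:
        - ports:
            - {port: "22", protocol: TCP}
    # HTTP stays reachable from any external source.
    - fromEntities: ["world"]
      toPorts:
        - ports:
            - {port: "80", protocol: TCP}
```

The `fromCIDR` match assumes the client's source address is preserved all the way to the VM endpoint; if the exposure path rewrites it (SNAT), the rule sees the rewritten address instead and SSH from the allowed machine is dropped.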