[Cluster IP and the port number of the Kubernetes service, that will be used in the NetworkPolicy]
$ kubectl get endpoints --namespace default kubernetes
NAME         ENDPOINTS            AGE
kubernetes   192.168.64.38:8443   42h

[create the NetworkPolicy using default Kubernetes service IP address and port no]

---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: operator-to-apiserver-egress
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/instance: tanzu-mysql-operator
  policyTypes:
    - Egress
  egress:
    - to:
        - ipBlock:
            cidr: 192.168.64.38/32
      ports:
        - port: 8443
          protocol: TCP
