Hi all, I would like to know if there is a way to allow only a communication fro . . .

Jason:
Hi all, I would like to know if there is a way to allow only communication from a specific service (inside or outside the namespace) to a pod within a network policy. Meaning, can we have a “serviceSelector” parameter inside the from parameter (in ingress)? In the documentation they only refer to namespaceSelector and podSelector. From what I have understood, I can only allow a specific pod to access another pod but not a specific service. Thanks a lot for your feedback.

OE:
No. You can’t. Services are actually virtual IPs that don’t exist anywhere (on any real interface) and are simply used for routing purposes (which backends can I forward to).

Jason:
OK, thanks for the confirmation about what I thought. However, it’s a little bit of a pity because we cannot have a deny-all policy and allow only the service to route the access to the pod (backend).

OE:
You can have pods in a service and allow only them to access the backend pods. That would give you the same result.

Jason:
ok thanks