I'm writing the network policies of a Kubernetes cluster. How can I specify a single IP address that I want to authorize in my egress policy instead of authorizing a whole range of IP addresses ?
An example based on the official docs:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: test-network-policy
namespace: default
spec:
podSelector:
matchLabels:
role: db
policyTypes:
- Egress
egress:
- to:
- ipBlock:
cidr: 10.11.12.13/32
ports:
- protocol: TCP
port: 5978It's essential to use /32 subnet prefix length which indicates that you're limiting the scope of the rule just to this one IP address.