apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: db-policy
spec:
  podSelector:
    matchLabels:
      role: db
  policyTypes:
  - Ingress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          name: api-pod
      namespaceSelector:
        matchLabels:
          name: prod
    #for external IP      
    - ipBlock:
      cidr: 192.168.0.1/32 
    ports:
    - protocol: tcp
      port: 8080
  egress:
  - to:
    - ipBlock:
        cidr: 192.168.0.1/32
    ports:
    - protocol: tcp
      port: 445