railiance-platform/helm/net-kingdom-pg-inter-hub-networkpolicy.yaml

# Allow inter-hub to use its existing database on the net-kingdom-pg cluster.
# The databases namespace has a default-deny-all policy, so app DB access must
# be granted explicitly per consuming namespace.
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-ingress-from-inter-hub-net-kingdom-pg
  namespace: databases
spec:
  podSelector:
    matchLabels:
      cnpg.io/cluster: net-kingdom-pg
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              name: inter-hub
          podSelector: {}
      ports:
        - port: 5432
          protocol: TCP