Context: I am working in an application deployed in a CaaS and it has 2 ingresses for keycloak, each with a specific hostname, one of them is reachable from the internet.
What I want is NOT be able to access the Keycloak admin console from the internet.
I am trying this: https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource but can't seem to make it work.
Not sure if anyone else has this problem, but what I did was to change the ingress facing the internet so the path matches the prefix of the application realm instead of the master one and that is enough for us.