We'll learn how to use OPA Gatekeeper to prevent any kind of ingress/egress access based on pod labels.
This scenario shows how to block egress rules that target a specific namespace (the "webserver" namespace in our case) and explains why organizations need such a policy.
For more info on this scenario, see Restrict Egress Label Selectors in NetworkPolicies.
For more OPA Gatekeeper use-cases, see Mastering OPA Policies.
Restrict Egress Label Selectors in NetworkPolicies
This allows us to implement finer controls for the cluster by following the principle of least privilege and making sure that access is given to a particular resource only if it is needed.
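A Gatekeeper ConstraintTemplate and Constraint of the kind this scenario describes, added here as an example and not taken from the original lab. The template name, the constraint kind, the `deniedLabels` parameter, and the choice to identify the "webserver" namespace by its built-in `kubernetes.io/metadata.name` label are all assumptions.

```yaml
apiVersion: templates.gatekeeper.sh/v1
kind: ConstraintTemplate
metadata:
  name: k8sdenyegressnamespace        # hypothetical; must be the lowercase form of the kind
spec:
  crd:
    spec:
      names:
        kind: K8sDenyEgressNamespace  # hypothetical constraint kind
      validation:
        openAPIV3Schema:
          type: object
          properties:
            deniedLabels:             # hypothetical parameter: label pairs no egress rule may select
              type: object
              additionalProperties:
                type: string
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8sdenyegressnamespace

        # Reject a namespaceSelector whose matchLabels contains a denied pair.
        violation[{"msg": msg}] {
          sel := input.review.object.spec.egress[_].to[_].namespaceSelector
          sel.matchLabels[key] == input.parameters.deniedLabels[key]
          msg := sprintf("NetworkPolicy %v: egress to namespaces labelled %v is not allowed",
                         [input.review.object.metadata.name, key])
        }

        # Reject the same pair expressed as a matchExpressions "In" clause.
        violation[{"msg": msg}] {
          expr := input.review.object.spec.egress[_].to[_].namespaceSelector.matchExpressions[_]
          expr.operator == "In"
          expr.values[_] == input.parameters.deniedLabels[expr.key]
          msg := sprintf("NetworkPolicy %v: egress to namespaces labelled %v is not allowed",
                         [input.review.object.metadata.name, expr.key])
        }
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sDenyEgressNamespace
metadata:
  name: deny-egress-to-webserver
spec:
  match:
    kinds:
      - apiGroups: ["networking.k8s.io"]
        kinds: ["NetworkPolicy"]
  parameters:
    deniedLabels:
      kubernetes.io/metadata.name: webserver   # assumption: namespace selected by its built-in name label
```

An empty `namespaceSelector: {}` or an egress rule with no `to` field also reaches the namespace and is not caught by these two rules, so a stricter policy would need a separate rule for those cases.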