1.4 Protect node metadata and endpoints with NetworkPolicy - Example should be egress

[zhujik]

The example reads as ingress network policy allowing everything from except the ec2 metadata ip. However, since the pods should be restricted to access the ec2 metadata, this should be an egress network policy instead, right? There will be no connections from the pod originating fromt the ec2 metadata ip.