Authorization Policy. Restrict access by IP-address

Hi there! Could you please help me
I’m created a manifest:

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: httpbin-app
  namespace: dev
spec:
  action: ALLOW
  rules:
  - from:
    - source:
        namespaces: ["istio-system"]
    when:
    - key: request.headers[X-Envoy-External-Address]
      values: ["<IP_ADDR>"] #Ip to allow
  selector:
    matchLabels:
      app: httpbin-app

but this code not working. How can i restrict access to the podby IP address?