Authorization policy

I have three microservices in the same namespace in AKS… Let’s say they are ms1, ms2 and ms3 and their services are ms1svc1, ms2svc2 and ms3svc3 respectively. I have a requirement that my ms1 must be able to talk to ms2 and NOT ms3. How to implement it using authorization policy or is there any better way?

In short, how to allow/deny service to service communication…?

You can first enable mTLS in the namespace so that each service will have an mTLS-based identity, and then apply 2 authz policies to ms2 and ms3 respectively: the first policy allows requests from ms1 and the second policy disallows requests from ms1. See Istio / Authorization for HTTP traffic.
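The setup described in the answer above, written out as an added example (it is not part of the original thread). The namespace `apps`, the pod labels `app: ms2` and `app: ms3`, the service account `ms1-sa` and the resource names are assumptions; the trust domain is assumed to be the default `cluster.local`.

```yaml
# Added example. Assumed (not from the thread): namespace "apps", pod labels
# app=ms2 / app=ms3, ms1 running as service account "ms1-sa", and the default
# trust domain "cluster.local".

# 1) Require mTLS for every workload in the namespace so that peers present
#    a verifiable identity.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: apps
spec:
  mtls:
    mode: STRICT
---
# 2) ms2: allow requests whose peer identity is ms1's service account.
#    Once an ALLOW policy selects a workload, requests that match no ALLOW
#    rule are denied, so any other caller of ms2 needs its own rule.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: ms2-allow-ms1
  namespace: apps
spec:
  selector:
    matchLabels:
      app: ms2
  action: ALLOW
  rules:
  - from:
    - source:
        principals: ["cluster.local/ns/apps/sa/ms1-sa"]
---
# 3) ms3: explicitly deny requests from ms1. DENY policies are evaluated
#    before ALLOW policies; other callers of ms3 are unaffected.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: ms3-deny-ms1
  namespace: apps
spec:
  selector:
    matchLabels:
      app: ms3
  action: DENY
  rules:
  - from:
    - source:
        principals: ["cluster.local/ns/apps/sa/ms1-sa"]
```

The principal only distinguishes ms1 if ms1 runs under its own Kubernetes service account; workloads that share the namespace's `default` service account share one mTLS identity and cannot be told apart by these rules.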