Add networkPolicy for container in a pod

I have multiple calico networkPolicies in namespace:

In this namespace I create k8s pods with 2 containers: A and B.

Is it possible to create new networkPolicy (or more entities, I cannot find solution in documentation) that would allow container B to access some other namespace or address, but container B would not be able to access it. As far as I understand my networkPolicies only affect whole pods, not individual containers in them.

There is no way to do this. All containers in the same pod run in the same network namespace, so they all have the same rules, and appear to be the same from the POV of anything outside the pod.

If you need to do this, you need to put the containers in different pods.