diff --git a/pkg/kyverno/common/common.go b/pkg/kyverno/common/common.go
index 681d7e8b2f..7dbe89513a 100644
--- a/pkg/kyverno/common/common.go
+++ b/pkg/kyverno/common/common.go
@@ -470,12 +470,37 @@ func ApplyPolicyOnResource(policy *v1.ClusterPolicy, resource *unstructured.Unst
 }
 policyWithNamespaceSelector := false
+OuterLoop:
 for _, p := range policy.Spec.Rules {
 if p.MatchResources.ResourceDescription.NamespaceSelector != nil || p.ExcludeResources.ResourceDescription.NamespaceSelector != nil {
 policyWithNamespaceSelector = true
 break
 }
+ for _, m := range p.MatchResources.Any {
+ if m.ResourceDescription.NamespaceSelector != nil {
+ policyWithNamespaceSelector = true
+ break OuterLoop
+ }
+ }
+ for _, m := range p.MatchResources.All {
+ if m.ResourceDescription.NamespaceSelector != nil {
+ policyWithNamespaceSelector = true
+ break OuterLoop
+ }
+ }
+ for _, e := range p.ExcludeResources.Any {
+ if e.ResourceDescription.NamespaceSelector != nil {
+ policyWithNamespaceSelector = true
+ break OuterLoop
+ }
+ }
+ for _, e := range p.ExcludeResources.All {
+ if e.ResourceDescription.NamespaceSelector != nil {
+ policyWithNamespaceSelector = true
+ break OuterLoop
+ }
+ }
 }
 if policyWithNamespaceSelector {
diff --git a/test/cli/test/any-namespaceSelector/policy.yaml b/test/cli/test/any-namespaceSelector/policy.yaml
new file mode 100644
index 0000000000..9bae40e88d
--- /dev/null
+++ b/test/cli/test/any-namespaceSelector/policy.yaml
@@ -0,0 +1,25 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+ name: enforce-pod-name
+spec:
+ validationFailureAction: audit
+ background: true
+ rules:
+ - name: validate-name
+ match:
+ any:
+ - resources:
+ kinds:
+ - Pod
+ namespaceSelector:
+ matchExpressions:
+ - key: foo.com/managed-state
+ operator: In
+ values:
+ - managed
+ validate:
+ message: "The Pod must end with -nginx"
+ pattern:
+ metadata:
+ name: "*-nginx"
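Review bot: The four added loops over `MatchResources.Any`/`All` and `ExcludeResources.Any`/`All` are the same six lines repeated, and the pre-existing check on the rule-level ResourceDescription still exits with a bare `break` while the new ones use `break OuterLoop`, so the label reads as if only some branches needed it. A helper that reports whether any filter in a list sets a namespaceSelector keeps the detection in one place, removes the label, and makes it harder for a future match/exclude field to be missed; presumably a missed field leaves `policyWithNamespaceSelector` false and the namespace labels supplied in the values file unused, but the branch that consumes the flag starts after the hunk. The fence assumes the slice element type is `v1.ResourceFilter`; substitute whichever type `MatchResources.Any` is declared with. `ApplyPolicyOnResource` begins before and continues past this hunk.
```go
// hasNamespaceSelector reports whether any filter in the list sets a namespaceSelector.
func hasNamespaceSelector(filters []v1.ResourceFilter) bool {
	for _, f := range filters {
		if f.ResourceDescription.NamespaceSelector != nil {
			return true
		}
	}
	return false
}

	// … unchanged: earlier body of ApplyPolicyOnResource …
	policyWithNamespaceSelector := false
	for _, p := range policy.Spec.Rules {
		if p.MatchResources.ResourceDescription.NamespaceSelector != nil || p.ExcludeResources.ResourceDescription.NamespaceSelector != nil ||
			hasNamespaceSelector(p.MatchResources.Any) || hasNamespaceSelector(p.MatchResources.All) ||
			hasNamespaceSelector(p.ExcludeResources.Any) || hasNamespaceSelector(p.ExcludeResources.All) {
			policyWithNamespaceSelector = true
			break
		}
	}
	// … unchanged: if policyWithNamespaceSelector { … } …
```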
diff --git a/test/cli/test/any-namespaceSelector/resource.yaml b/test/cli/test/any-namespaceSelector/resource.yaml
new file mode 100644
index 0000000000..23c2d7b9c9
--- /dev/null
+++ b/test/cli/test/any-namespaceSelector/resource.yaml
@@ -0,0 +1,9 @@
+kind: Pod
+apiVersion: v1
+metadata:
+ name: test-nginx
+ namespace: test1
+spec:
+ containers:
+ - name: nginx
+ image: nginx:latest
diff --git a/test/cli/test/any-namespaceSelector/test.yaml b/test/cli/test/any-namespaceSelector/test.yaml
new file mode 100644
index 0000000000..e42d541d73
--- /dev/null
+++ b/test/cli/test/any-namespaceSelector/test.yaml
@@ -0,0 +1,14 @@
+---
+name: enforce-pod-name
+policies:
+ - policy.yaml
+resources:
+ - resource.yaml
+variables: value.yaml
+results:
+ - policy: enforce-pod-name
+ rule: validate-name
+ resource: test-nginx
+ kind: Pod
+ namespace: test1
+ result: pass
diff --git a/test/cli/test/any-namespaceSelector/value.yaml b/test/cli/test/any-namespaceSelector/value.yaml
new file mode 100644
index 0000000000..f54cb7bc3a
--- /dev/null
+++ b/test/cli/test/any-namespaceSelector/value.yaml
@@ -0,0 +1,4 @@
+namespaceSelector:
+ - name: test1
+ labels:
+ foo.com/managed-state: managed