diff --git a/values/atlantis/manifests/network/allow-api-server.yaml b/values/atlantis/manifests/network/allow-api-server.yaml
new file mode 100644
index 00000000..0f5e8533
--- /dev/null
+++ b/values/atlantis/manifests/network/allow-api-server.yaml
@@ -0,0 +1,15 @@
+# apiVersion: cilium.io/v2
+# kind: CiliumNetworkPolicy
+# metadata:
+# name: allow-kube-api
+# namespace: atlantis
+# spec:
+# endpointSelector:
+# matchLabels: {}
+# egress:
+# - toEntities:
+# - kube-apiserver
+# toPorts:
+# - ports:
+# - port: "6443"
+# protocol: TCP
diff --git a/values/atlantis/manifests/network/atlantis-policies.yaml b/values/atlantis/manifests/network/atlantis-policies.yaml
new file mode 100644
index 00000000..8afc4753
--- /dev/null
+++ b/values/atlantis/manifests/network/atlantis-policies.yaml
@@ -0,0 +1,25 @@
+# apiVersion: cilium.io/v2
+# kind: CiliumClusterwideNetworkPolicy
+# metadata:
+# name: allow-atlantis-services
+# namespace: {{ .Release.Namespace }}
+# spec:
+# egress:
+# - toEndpoints:
+# - matchLabels:
+# k8s:io.kubernetes.pod.namespace: dapr-system
+# - toEndpoints:
+# - matchLabels:
+# k8s:io.kubernetes.pod.namespace: rabbitmq
+# - toEndpoints:
+# - matchLabels:
+# k8s:io.kubernetes.pod.namespace: otel
+# - toFQDNs:
+# - matchName: dapr.github.io
+# - matchName: analytics.loft.rocks
+# - matchPattern: '*.oceanbox.io'
+# # - matchName: gitlab.com
+# # - matchName: api.github.com
+# # - matchPattern: '*.gitlab.com'
+# endpointSelector:
+# matchLabels: {}
diff --git a/values/system/oceanbox/network/atlantis/allow-api-server.yaml b/values/system/oceanbox/network/atlantis/allow-api-server.yaml
deleted file mode 100644
index bee8c729..00000000
--- a/values/system/oceanbox/network/atlantis/allow-api-server.yaml
+++ /dev/null
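Review bot: Every line of the new allow-api-server.yaml is commented out, so the file renders no CiliumNetworkPolicy, while the same commit deletes the live copy at values/system/oceanbox/network/atlantis/allow-api-server.yaml; the net effect is that the atlantis namespace's kube-apiserver egress allow (`toEntities: kube-apiserver` on port `"6443"`/TCP) is no longer applied anywhere. If this is a deliberate disable, a header comment stating why and when it should be re-enabled would help, e.g. `# Disabled: kube-apiserver egress for atlantis pending <TRACKING-ISSUE>`; if it is meant as a move, the content needs uncommenting. Note also that in Cilium's default enforcement mode an endpoint that no policy selects in a given direction is not default-denied in that direction, so if this was the only egress policy covering atlantis pods, removing it may widen rather than narrow their egress — worth confirming against the policies that remain.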
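Review bot: Once uncommented, the `CiliumClusterwideNetworkPolicy` in the new atlantis-policies.yaml has `endpointSelector: matchLabels: {}` with no namespace constraint, so it would select every endpoint in the cluster and grant all pods, not just atlantis workloads, egress to the dapr-system, rabbitmq and otel namespaces and to the listed FQDNs. `metadata.namespace: {{ .Release.Namespace }}` is also meaningless on a cluster-scoped kind. The least-privilege fix is `kind: CiliumNetworkPolicy` (namespace-scoped, so the empty selector is bounded to the release namespace), or, if it must stay cluster-wide, scoping the selector with `k8s:io.kubernetes.pod.namespace: atlantis` under `endpointSelector.matchLabels`. The `toFQDNs` rules carry no `toPorts`, so any destination port is allowed to those names; adding a `toPorts` entry limited to `"443"`/TCP would tighten it.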
@@ -1,15 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-kube-api
- namespace: atlantis
-spec:
- endpointSelector:
- matchLabels: {}
- egress:
- - toEntities:
- - kube-apiserver
- toPorts:
- - ports:
- - port: "6443"
- protocol: TCP
diff --git a/values/system/oceanbox/network/atlantis/atlantis-policies.yaml b/values/system/oceanbox/network/atlantis/atlantis-policies.yaml
deleted file mode 100644
index 09b6771d..00000000
--- a/values/system/oceanbox/network/atlantis/atlantis-policies.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumClusterwideNetworkPolicy
-metadata:
- name: allow-atlantis-services
- namespace: {{ .Release.Namespace }}
-spec:
- egress:
- - toEndpoints:
- - matchLabels:
- k8s:io.kubernetes.pod.namespace: dapr-system
- - toEndpoints:
- - matchLabels:
- k8s:io.kubernetes.pod.namespace: rabbitmq
- - toEndpoints:
- - matchLabels:
- k8s:io.kubernetes.pod.namespace: otel
- - toFQDNs:
- - matchName: dapr.github.io
- - matchName: analytics.loft.rocks
- - matchPattern: '*.oceanbox.io'
- # - matchName: gitlab.com
- # - matchName: api.github.com
- # - matchPattern: '*.gitlab.com'
- endpointSelector:
- matchLabels: {}
diff --git a/values/system/oceanbox/network/idp/allow-api-server.yaml b/values/system/oceanbox/network/idp/allow-api-server.yaml
deleted file mode 100644
index f2150982..00000000
--- a/values/system/oceanbox/network/idp/allow-api-server.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-kube-api
- namespace: idp
-spec:
- endpointSelector:
- matchLabels: {}
- egress:
- - toEntities:
- - kube-apiserver
- toPorts:
- - ports:
- - port: "6443"
- protocol: TCP
diff --git a/values/system/oceanbox/network/idp/allow-gitlab.yaml b/values/system/oceanbox/network/idp/allow-gitlab.yaml
deleted file mode 100644
index 007e2960..00000000
--- a/values/system/oceanbox/network/idp/allow-gitlab.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-grafana-oidc-login
- namespace: idp
-spec:
- endpointSelector:
- matchLabels:
- app.kubernetes.io/name: cerbos
- egress:
- - toFQDNs:
- - matchName: gitlab.com
- - matchPattern: '*.gitlab.com'
diff --git a/values/system/oceanbox/network/idp/allow-idp-external-access.yaml b/values/system/oceanbox/network/idp/allow-idp-external-access.yaml
deleted file mode 100644
index 82d3dfd1..00000000
--- a/values/system/oceanbox/network/idp/allow-idp-external-access.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-external-idp
-spec:
- egress:
- - toFQDNs:
- - matchName: login.microsoftonline.com
- - matchName: graph.microsoft.com
- - matchName: telemetry.cerbos.dev
- endpointSelector: {}
-
diff --git a/values/system/oceanbox/network/idp/allow-itp-smtpgw.yaml b/values/system/oceanbox/network/idp/allow-itp-smtpgw.yaml
deleted file mode 100644
index 8ae74f56..00000000
--- a/values/system/oceanbox/network/idp/allow-itp-smtpgw.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-itp-smtp
- namespace: idp
-spec:
- endpointSelector:
- matchLabels:
- app.kubernetes.io/name: keycloak
- egress:
- - toFQDNs:
- - matchName: smtpgw.itpartner.no
diff --git a/values/system/oceanbox/network/idp/allow-keycloak.yaml b/values/system/oceanbox/network/idp/allow-keycloak.yaml
deleted file mode 100644
index 58f5cb9c..00000000
--- a/values/system/oceanbox/network/idp/allow-keycloak.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-keycloak
- namespace: idp
-spec:
- endpointSelector:
- matchLabels:
- app.kubernetes.io/name: dex
- egress:
- - toFQDNs:
- - matchName: auth.srv.oceanbox.io
diff --git a/values/system/oceanbox/network/jaeger/allow-api-server.yaml b/values/system/oceanbox/network/jaeger/allow-api-server.yaml
deleted file mode 100644
index c124879f..00000000
--- a/values/system/oceanbox/network/jaeger/allow-api-server.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-kube-api
- namespace: jaeger
-spec:
- endpointSelector:
- matchLabels: {}
- egress:
- - toEntities:
- - kube-apiserver
- toPorts:
- - ports:
- - port: "6443"
- protocol: TCP
diff --git a/values/system/oceanbox/network/jaeger/allow-remote-node.yaml b/values/system/oceanbox/network/jaeger/allow-remote-node.yaml
deleted file mode 100644
index 68681b0d..00000000
--- a/values/system/oceanbox/network/jaeger/allow-remote-node.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: cilium.io/v2
-kind: CiliumNetworkPolicy
-metadata:
- name: allow-remote-node-webhooks
- namespace: jaeger
-spec:
- endpointSelector:
- matchLabels: {}
- ingress:
- - fromEntities:
- - kube-apiserver
- - toPorts:
- - ports:
- - port: "9443"
- protocol: TCP
- - port: "443"
- protocol: TCP