diff --git a/vcluster/chart/templates/sync-vcluster-atlantis-secrets.yaml b/vcluster/chart/templates/sync-vcluster-atlantis-secrets.yaml
new file mode 100644
index 00000000..4b656c9a
--- /dev/null
+++ b/vcluster/chart/templates/sync-vcluster-atlantis-secrets.yaml
@@ -0,0 +1,89 @@
+{{- $name := include "vCluster.releaseName" . -}}
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+ name: sync-atlantis-vcluster-secrets
+spec:
+ background: true
+ generateExistingOnPolicyUpdate: true
+ rules:
+ - name: sync-redis-secrets
+ generate:
+ apiVersion: v1
+ namespace: '{{request.object.metadata.name}}'
+ synchronize: true
+ cloneList:
+ namespace: redis
+ kinds:
+ - Secret
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: redis
+ match:
+ resources:
+ kinds:
+ - Namespace
+ names:
+ - "vcluster-009dba7e-*"
+ selector:
+ matchLabels:
+ vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
+ - name: sync-rabbitmq-secrets
+ generate:
+ apiVersion: v1
+ namespace: '{{request.object.metadata.name}}'
+ synchronize: true
+ cloneList:
+ namespace: rabbitmq
+ kinds:
+ - Secret
+ selector:
+ matchLabels:
+ clone: "true"
+ match:
+ resources:
+ kinds:
+ - Namespace
+ names:
+ - "vcluster-009dba7e-*"
+ selector:
+ matchLabels:
+ vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
+ - name: sync-archmeister-superuser
+ generate:
+ apiVersion: v1
+ kind: Secret
+ name: '{{ $name }}-archmeister-app'
+ namespace: '{{request.object.metadata.name}}'
+ synchronize: true
+ clone:
+ namespace: '{{ .Release.Namespace }}'
+ name: '{{ $name }}-archmeister-superuser'
+ match:
+ resources:
+ kinds:
+ - Namespace
+ names:
+ - "vcluster-009dba7e-*"
+ selector:
+ matchLabels:
+ vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
+ - name: sync-archmeister-env
+ generate:
+ apiVersion: v1
+ kind: Secret
+ name: archmeister-env
+ namespace: '{{request.object.metadata.name}}'
+ synchronize: true
+ clone:
+ namespace: '{{ .Release.Namespace }}'
+ name: archmeister-env
+ match:
+ resources:
+ kinds:
+ - Namespace
+ names:
+ - "vcluster-009dba7e-*"
+ selector:
+ matchLabels:
+ vcluster.loft.sh/vcluster-namespace: '{{ .Release.Namespace }}'
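Review bot: The `sync-archmeister-superuser` rule clones `{{ $name }}-archmeister-superuser` into every matching namespace under the target name `{{ $name }}-archmeister-app`, so a superuser credential lands in tenant namespaces under a name that reads as an application-level account. If the workloads there only need application access, clone a dedicated lower-privilege secret instead, or at minimum put a comment above the `clone:` block such as `# source is the superuser credential, not the app one; every matching namespace receives it`. All four rules gate only on the hard-coded glob `vcluster-009dba7e-*` plus the `vcluster.loft.sh/vcluster-namespace` label, so it is worth confirming that creating and labelling such Namespaces is restricted to the vcluster syncer, and taking the prefix from a chart value rather than a literal. Separately, the Kyverno variable `'{{request.object.metadata.name}}'` is unescaped in a file under `chart/templates/`; if Helm renders this file, its template parser will presumably reject `request` as an undefined function, and the usual escape is `namespace: '{{ "{{request.object.metadata.name}}" }}'` in each of the four `generate` blocks.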