diff --git a/resources/allow-atlantis-services.yaml b/resources/allow-atlantis-services.yaml
new file mode 100644
index 00000000..fefb846a
--- /dev/null
+++ b/resources/allow-atlantis-services.yaml
@@ -0,0 +1,23 @@
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+ name: allow-atlantis-services
+ namespace: atlantis
+spec:
+ egress:
+ - toEndpoints:
+ - matchLabels:
+ "k8s:io.kubernetes.pod.namespace": dapr-system
+ - toEndpoints:
+ - matchLabels:
+ "k8s:io.kubernetes.pod.namespace": redis
+ - toEndpoints:
+ - matchLabels:
+ "k8s:io.kubernetes.pod.namespace": rabbitmq
+ - toEndpoints:
+ - matchLabels:
+ "k8s:io.kubernetes.pod.namespace": jaeger
+ endpointSelector:
+ matchLabels: {}
+
+
diff --git a/resources/dapr-tracing.yaml b/resources/dapr-tracing.yaml
new file mode 100644
index 00000000..27d43ce2
--- /dev/null
+++ b/resources/dapr-tracing.yaml
@@ -0,0 +1,24 @@
+apiVersion: jaegertracing.io/v1
+kind: "Jaeger"
+metadata:
+ name: jaeger
+spec:
+ strategy: allInOne
+ ingress:
+ enabled: false
+ allInOne:
+ image: jaegertracing/all-in-one:1.13
+ options:
+ query:
+ base-path: /jaeger
+---
+apiVersion: dapr.io/v1alpha1
+kind: Configuration
+metadata:
+ name: tracing
+spec:
+ tracing:
+ samplingRate: "1"
+ zipkin:
+ endpointAddress: "http://jaeger-collector:9411/api/v2/spans"
+
diff --git a/resources/sync-atlantis-secrets.yaml b/resources/sync-atlantis-secrets.yaml
new file mode 100644
index 00000000..453c894a
--- /dev/null
+++ b/resources/sync-atlantis-secrets.yaml
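Review bot: In resources/allow-atlantis-services.yaml each egress rule matches only on `k8s:io.kubernetes.pod.namespace` and carries no `toPorts`, so with `endpointSelector: matchLabels: {}` every pod in atlantis may reach every pod on every port in dapr-system, redis, rabbitmq and jaeger. Each rule should also select the destination pods by label and list the ports it needs, for example `toPorts: [{ports: [{port: "9411", protocol: TCP}]}]` on the jaeger rule (9411 is the collector port used in dapr-tracing.yaml); the ports for the other three services are not visible in this diff. Once this policy selects the pods, egress that is not listed here is presumably denied, so DNS resolution needs an allow rule elsewhere if one does not already exist.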
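Review bot: In resources/dapr-tracing.yaml the Jaeger image is referenced by the mutable tag `jaegertracing/all-in-one:1.13`; pinning it by digest (`jaegertracing/all-in-one:1.13@sha256:<digest>`) fixes what actually runs, and the release looks old enough to be worth checking against current advisories. `samplingRate: "1"` exports a span for every request over plain HTTP to `jaeger-collector:9411`, and the all-in-one strategy serves them through a query UI that has no authentication of its own, so request paths and metadata carried in spans are readable by anything that can reach it. Keeping `ingress.enabled: false` limits that exposure, and a comment such as `# all-in-one with full sampling: non-production only` would record the intent. Neither resource sets `metadata.namespace`, so where they land depends on how the file is applied.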
@@ -0,0 +1,46 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+ name: sync-atlantis-secrets
+spec:
+ background: true
+ generateExistingOnPolicyUpdate: true
+ rules:
+ - name: sync-redis-secrets
+ generate:
+ apiVersion: v1
+ namespace: atlantis
+ synchronize: true
+ cloneList:
+ namespace: redis
+ kinds:
+ - Secret
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: redis
+ match:
+ resources:
+ kinds:
+ - Namespace
+ names:
+ - atlantis
+ - name: sync-rabbitmq-secrets
+ generate:
+ apiVersion: v1
+ namespace: atlantis
+ synchronize: true
+ cloneList:
+ namespace: rabbitmq
+ kinds:
+ - Secret
+ selector:
+ matchLabels:
+ clone: "true"
+ match:
+ resources:
+ kinds:
+ - Namespace
+ names:
+ - atlantis
+ validationFailureAction: audit
+
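Review bot: The `sync-redis-secrets` rule selects on the general label `app.kubernetes.io/name: redis`, so every Secret in the redis namespace that carries it is copied into atlantis and kept in sync, not only the credential the clients need. The `sync-rabbitmq-secrets` rule already uses an explicit opt-in label; using the same selector for redis (`clone: "true"` under `matchLabels`, with that label set on the one Secret to share) keeps the replicated set deliberate. The copies are readable by anything with Secret read access in atlantis, so RBAC in that namespace decides who effectively holds the redis and rabbitmq credentials; a short comment on each rule naming the Secret it is meant to clone would make later review easier.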