diff --git a/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-api-server.yaml b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-api-server.yaml
index 97ff48c6..16b530de 100644
--- a/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-api-server.yaml
+++ b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-api-server.yaml
@@ -3,16 +3,12 @@ apiVersion: cilium.io/v2
 kind: CiliumNetworkPolicy
 metadata:
 name: allow-api-server
- namespace: slinky
+ namespace: slurm-operator
 spec:
 egress:
 - toEntities:
 - kube-apiserver
- toPorts:
- - ports:
- - port: "6443"
- protocol: TCP
 endpointSelector:
 matchLabels:
 app.kubernetes.io/instance: slurm-operator
-{{- end }}
+{{- end}}
diff --git a/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-host-to-mariadb.yaml b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-host-to-mariadb.yaml
new file mode 100644
index 00000000..177eda37
--- /dev/null
+++ b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-host-to-mariadb.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.clusterConfig.cilium.enabled }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+ name: allow-host-to-mariadb
+ namespace: slurm-operator
+spec:
+ endpointSelector:
+ matchLabels:
+ app.kubernetes.io/instance: slurm-operator
+ ingress:
+ - fromEntities:
+ - host
+{{- end}}
diff --git a/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-prometheus-metrics.yaml b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-prometheus-metrics.yaml
new file mode 100644
index 00000000..4c5b4056
--- /dev/null
+++ b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-prometheus-metrics.yaml
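Review bot: In CiliumNetworkPolicy-allow-api-server.yaml the egress rule to `kube-apiserver` no longer carries a `toPorts` block, so the selected pods may reach the API server addresses on any port and protocol instead of only 6443/TCP. If the removal is meant to cover clusters where the API server listens on another port, listing the ports actually in use (for example `port: "443"` beside `port: "6443"`) keeps the L4 restriction. Where the API server runs with host networking the entity may resolve to control-plane node addresses, which would make a port-less rule wider than it reads; this should be confirmed against the target clusters. The hunk starts at line 3 of the file, so the template guard above it is not visible here.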
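Review bot: CiliumNetworkPolicy-allow-host-to-mariadb.yaml is named for MariaDB, but its `endpointSelector` matches `app.kubernetes.io/instance: slurm-operator` and the `fromEntities: host` rule has no `toPorts`, so node-originated traffic is admitted to every port of the operator-labelled pods. If the intent is node-to-database access, the selector should match the MariaDB pods' own labels and the rule should carry a `toPorts` entry for the database port (3306/TCP if the default is kept). A one-line comment above `ingress:` stating why the host needs this access would make the exception reviewable; the diff does not show the reason.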
@@ -0,0 +1,19 @@
+{{- if .Values.clusterConfig.cilium.enabled }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+ name: allow-prometheus-metrics
+ namespace: slurm-operator
+spec:
+ endpointSelector:
+ matchLabels:
+ app.kubernetes.io/instance: slurm-operator
+ ingress:
+ - fromEndpoints:
+ - matchLabels:
+ io.kubernetes.pod.namespace: prometheus
+ toPorts:
+ - ports:
+ - port: "8080"
+ protocol: TCP
+{{- end}}
diff --git a/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-remote-node-webhooks.yaml b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-remote-node-webhooks.yaml
new file mode 100644
index 00000000..aea10d4b
--- /dev/null
+++ b/values/slurm-operator/manifests/policies/CiliumNetworkPolicy-allow-remote-node-webhooks.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.clusterConfig.cilium.enabled }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+ name: allow-remote-node-webhooks
+ namespace: slurm-operator
+spec:
+ endpointSelector:
+ matchLabels: {}
+ ingress:
+ - fromEntities:
+ - kube-apiserver
+ - remote-node
+ toPorts:
+ - ports:
+ - port: "443"
+ protocol: TCP
+ - port: "9443"
+ protocol: TCP
+{{- end}}
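Review bot: The `fromEndpoints` selector in CiliumNetworkPolicy-allow-prometheus-metrics.yaml matches only `io.kubernetes.pod.namespace: prometheus`, so any pod running in that namespace can reach port 8080 of the operator pods, not just the Prometheus server. Adding the scraper's own pod label beside the namespace label (placeholder: `app.kubernetes.io/name: <prometheus-pod-label>`) narrows the rule to the scraper. The namespace name is also hard-coded; if the monitoring namespace is configurable elsewhere in the chart, it should be read from values here as well.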
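Review bot: `matchLabels: {}` in CiliumNetworkPolicy-allow-remote-node-webhooks.yaml selects every endpoint in the `slurm-operator` namespace, whereas the other policies in this commit select `app.kubernetes.io/instance: slurm-operator`. As written, ports 443 and 9443 are opened from `kube-apiserver` and from every other cluster node (`remote-node`) on pods that serve no webhook. By default any pod in the namespace that no other ingress policy selects is also placed under ingress default-deny by this policy alone. If only the webhook pods need the rule, the selector should name them, for example `app.kubernetes.io/instance: slurm-operator` or the webhook's own label. If the namespace-wide default-deny is intended, a comment above `endpointSelector:` saying so would prevent a later reader from narrowing it by mistake.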