diff --git a/values/system/oceanbox/kyverno/sync-slurm-token.yaml b/values/system/oceanbox/kyverno/sync-slurm-token.yaml
new file mode 100644
index 00000000..a5409b62
--- /dev/null
+++ b/values/system/oceanbox/kyverno/sync-slurm-token.yaml
@@ -0,0 +1,35 @@
+{{- if .Values.clusterConfig.kyverno.enabled }}
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: sync-slurm-token
+spec:
+  background: true
+  generateExisting: false
+  rules:
+  - name: sync-slurmrestd-token
+    skipBackgroundRequests: true
+    generate:
+      apiVersion: v1
+      kind: Secret
+      name: '{{`{{ request.object.metadata.name }}`}}'
+      namespace: '{{`{{ request.object.metadata.namespace }}`}}'
+      synchronize: true
+      clone:
+        name: slurm-access-token
+        namespace: prod-atlantis
+    match:
+     any:
+     - resources:
+         kinds:
+         - Secret
+         names:
+         - slurm-access-token
+         annotations:
+           kyverno/clone: "true"
+    exclude:
+      any:
+      - resources:
+          annotations:
+            vcluster.loft.sh/controlled-by: secret/v1/GenericImport
+{{- end }}