diff --git a/shared/networkpolicies/allow-from-database.yaml b/shared/networkpolicies/allow-from-database.yaml
index 3720a749a6bc496857313662f3bcffb6b6dbba0d..e10a83f8a02ec93ad45b468897823328a9804942 100644
--- a/shared/networkpolicies/allow-from-database.yaml
+++ b/shared/networkpolicies/allow-from-database.yaml
@@ -11,8 +11,11 @@ spec:
         matchLabels:
           database.shivering-isles.com/network-access-required: "true"
       podSelector:
-        matchLabels:
-          app.kubernetes.io/name: postgres-operator
+        matchExpressions:
+          - key: app.kubernetes.io/name
+            operator: In
+            values:
+              - postgres-operator
     ports:
     - port: 8008
       protocol: TCP
@@ -25,13 +28,19 @@ spec:
         matchLabels:
           monitoring.shivering-isles.com/network-access-required: "true"
       podSelector:
-        matchLabels:
-          app.kubernetes.io/name: prometheus
+        matchExpressions:
+          - key: app.kubernetes.io/name
+            operator: In
+            values:
+              - prometheus
     ports:
     - port: 9187
       protocol: TCP
     - port: 8008
       protocol: TCP
   podSelector:
-    matchLabels:
-      application: spilo
+    matchExpressions:
+      - key: application
+        operator: In
+        values:
+          - spilo
diff --git a/shared/networkpolicies/allow-from-ingress.yaml b/shared/networkpolicies/allow-from-ingress.yaml
index afa5b0a75b1913c08fd9482e752fda961ec56c98..0a0aaa1a1550967353146e68a957372a05062fad 100644
--- a/shared/networkpolicies/allow-from-ingress.yaml
+++ b/shared/networkpolicies/allow-from-ingress.yaml
@@ -9,3 +9,5 @@ spec:
     - namespaceSelector:
         matchLabels:
           ingress.shivering-isles.com/network-access-required: "true"
+  podSelector:
+    matchLabels: {}
\ No newline at end of file
diff --git a/shared/networkpolicies/allow-from-kube-system.yaml b/shared/networkpolicies/allow-from-kube-system.yaml
index 663d92dcdb43390128e2cab5bc201007f3b7af1a..476ceaee0c97e7b96b78196c3f9a8274bb59ca6c 100644
--- a/shared/networkpolicies/allow-from-kube-system.yaml
+++ b/shared/networkpolicies/allow-from-kube-system.yaml
@@ -9,8 +9,6 @@ spec:
     - namespaceSelector:
         matchLabels:
           kubernetes.io/metadata.name: kube-system
-      podSelector:
-          matchLabels: {}
   - from:
     - ipBlock:
         cidr: 192.168.100.0/24 # Kubernetes hosts
diff --git a/shared/networkpolicies/allow-from-monitoring.yaml b/shared/networkpolicies/allow-from-monitoring.yaml
index ec8e45902ac479ec509aff72989921d8c717791c..e083bdf3102173cd8aca59d78c61535bc83a56bc 100644
--- a/shared/networkpolicies/allow-from-monitoring.yaml
+++ b/shared/networkpolicies/allow-from-monitoring.yaml
@@ -11,5 +11,10 @@ spec:
         matchLabels:
           monitoring.shivering-isles.com/network-access-required: "true"
       podSelector:
-        matchLabels:
-          app.kubernetes.io/name: prometheus
+        matchExpressions:
+          - key: app.kubernetes.io/name
+            operator: In
+            values:
+              - prometheus
+  podSelector:
+    matchLabels: {}
\ No newline at end of file
diff --git a/shared/networkpolicies/allow-from-redis.yaml b/shared/networkpolicies/allow-from-redis.yaml
index 1a6a039842dfaf21d548dea88ed4d51ac0cf86ce..df5fe15e3c6efb785b2e30cb61aee54982142fd3 100644
--- a/shared/networkpolicies/allow-from-redis.yaml
+++ b/shared/networkpolicies/allow-from-redis.yaml
@@ -12,13 +12,19 @@ spec:
         matchLabels:
           redis.shivering-isles.com/network-access-required: "true"
       podSelector:
-        matchLabels:
-          app.kubernetes.io/name: redis-operator
+        matchExpressions:
+          - key: app.kubernetes.io/name
+            operator: In
+            values:
+              - redis-operator
     ports:
     - port: 26379
       protocol: TCP
     - port: 6379
       protocol: TCP
   podSelector:
-    matchLabels:
-      app.kubernetes.io/part-of: redis-failover
+    matchExpressions:
+      - key: app.kubernetes.io/part-of
+        operator: In
+        values:
+          - redis-failover
diff --git a/shared/networkpolicies/allow-to-database.yaml b/shared/networkpolicies/allow-to-database.yaml
index 53a142d6c1310dd30c238074b7f2673785bb17b1..8e86c16cd71f462f173977b2a6d9ffba3467b43f 100644
--- a/shared/networkpolicies/allow-to-database.yaml
+++ b/shared/networkpolicies/allow-to-database.yaml
@@ -18,10 +18,16 @@ spec:
         port: 9000
   - to:
       - podSelector:
-          matchLabels:
-            application: spilo
+          matchExpressions:
+          - key: application
+            operator: In
+            values:
+              - spilo
   podSelector:
-    matchLabels:
-      application: spilo
+    matchExpressions:
+      - key: application
+        operator: In
+        values:
+          - spilo
   policyTypes:
   - Egress
diff --git a/shared/networkpolicies/allow-to-kubedns.yaml b/shared/networkpolicies/allow-to-kubedns.yaml
index 0edb8bfb40c62c1bc7478200b30c6e345feac5f4..3b8d0e8d874396bd2deb13f6456afdc08552e57b 100644
--- a/shared/networkpolicies/allow-to-kubedns.yaml
+++ b/shared/networkpolicies/allow-to-kubedns.yaml
@@ -6,16 +6,21 @@ metadata:
 spec:
   egress:
     - to:
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: kube-system
-          podSelector:
-            matchLabels:
-              k8s-app: kube-dns
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: kube-system
+        podSelector:
+          matchExpressions:
+            - key: k8s-app
+              operator: In
+              values:
+                - kube-dns
       ports:
         - port: 53
           protocol: UDP
         - port: 53
           protocol: TCP
   policyTypes:
-    - Egress
\ No newline at end of file
+    - Egress
+  podSelector:
+    matchLabels: {}
\ No newline at end of file
diff --git a/shared/networkpolicies/allow-to-mailbox-org.yaml b/shared/networkpolicies/allow-to-mailbox-org.yaml
index f302e1d8328d369f25e940fa9e1fc3b9f8d60d50..6741df6abf689ad38451493522c57c432834002f 100644
--- a/shared/networkpolicies/allow-to-mailbox-org.yaml
+++ b/shared/networkpolicies/allow-to-mailbox-org.yaml
@@ -18,12 +18,17 @@ spec:
         matchLabels:
           kubernetes.io/metadata.name: kube-system
       podSelector:
-        matchLabels:
-          k8s-app: kube-dns
+        matchExpressions:
+          - key: k8s-app
+            operator: In
+            values:
+              - kube-dns
       ports:
         - port: 53
           protocol: UDP
         - port: 53
           protocol: TCP
+  podSelector:
+    matchLabels: {}
   policyTypes:
   - Egress
diff --git a/shared/networkpolicies/allow-to-public-web.yaml b/shared/networkpolicies/allow-to-public-web.yaml
index b1f260c72443791c347a47c54158ecb217b56daf..1a079375800a6fefff6defdb76ae724d3facd26d 100644
--- a/shared/networkpolicies/allow-to-public-web.yaml
+++ b/shared/networkpolicies/allow-to-public-web.yaml
@@ -10,8 +10,11 @@ spec:
         matchLabels:
           kubernetes.io/metadata.name: nginx-system
       podSelector:
-        matchLabels:
-          app.kubernetes.io/name: haproxy
+        matchExpressions:
+          - key: app.kubernetes.io/name
+            operator: In
+            values:
+              - haproxy
     ports:
       - protocol: TCP
         port: 80
@@ -36,12 +39,17 @@ spec:
         matchLabels:
           kubernetes.io/metadata.name: kube-system
       podSelector:
-        matchLabels:
-          k8s-app: kube-dns
+        matchExpressions:
+          - key: k8s-app
+            operator: In
+            values:
+              - kube-dns
       ports:
         - port: 53
           protocol: UDP
         - port: 53
           protocol: TCP
+  podSelector:
+    matchLabels: {}
   policyTypes:
   - Egress
\ No newline at end of file