diff --git a/apps/base/goharbor/kustomization.yaml b/apps/base/goharbor/kustomization.yaml
index ae068bbaae7863f44c7b94bdf8bdcc5142b12c5a..b4d360b94a52ecb759b6ce54e0f1e2f5c0360204 100644
--- a/apps/base/goharbor/kustomization.yaml
+++ b/apps/base/goharbor/kustomization.yaml
@@ -6,5 +6,6 @@ resources:
   - repository.yaml
   - release.yaml
   - ../../../shared/networkpolicies/allow-from-ingress.yaml
+  - ../../../shared/networkpolicies/allow-from-monitoring.yaml
 patchesStrategicMerge:
   - networkpolicy.yaml
diff --git a/apps/base/goharbor/networkpolicy.yaml b/apps/base/goharbor/networkpolicy.yaml
index a0c21ef64a0f874e32500f68388cbda79d4beb76..8aaab3d515d02999dbcd433031342b26d8ce1930 100644
--- a/apps/base/goharbor/networkpolicy.yaml
+++ b/apps/base/goharbor/networkpolicy.yaml
@@ -7,3 +7,13 @@ spec:
   podSelector:
     matchLabels:
       app: harbor
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-from-monitoring
+spec:
+  podSelector:
+    matchLabels:
+      app: harbor
+      release: harbor
diff --git a/shared/networkpolicies/allow-from-monitoring.yaml b/shared/networkpolicies/allow-from-monitoring.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..5ca30bd36253f0ea3fa0a266020d0ff3b47b7d5c
--- /dev/null
+++ b/shared/networkpolicies/allow-from-monitoring.yaml
@@ -0,0 +1,12 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-from-monitoring
+spec:
+  policyTypes:
+  - Ingress
+  ingress:
+  - from:
+    - namespaceSelector:
+        matchLabels:
+          monitoring.shivering-isles.com/network-access-required: "true"