diff --git a/shared/networkpolicies/allow-to-database.yaml b/shared/networkpolicies/allow-to-database.yaml
index b472c8ed1e44e0e280a72030dbe561690c72b5de..10b360881d8ae5c688745f0f029240fe761a7b20 100644
--- a/shared/networkpolicies/allow-to-database.yaml
+++ b/shared/networkpolicies/allow-to-database.yaml
@@ -4,6 +4,17 @@ metadata:
   name: allow-to-database
 spec:
   egress:
+  - to:
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: kube-system
+        podSelector:
+          matchLabels:
+            component: kube-apiserver
+            tier: control-plane
+    ports:
+      - protocol: TCP
+        port: 6443
   - to:
       - ipBlock:
           cidr: 192.168.100.60/32