diff --git a/infrastructure/monitoring/kustomization.yaml b/infrastructure/monitoring/kustomization.yaml
index ab59d14815fde1d48aeffa9e7d0d849be151eaab..d88ac8cc5cc5b6f8740f7f1f8418f0ec664ed2a5 100644
--- a/infrastructure/monitoring/kustomization.yaml
+++ b/infrastructure/monitoring/kustomization.yaml
@@ -6,3 +6,6 @@ resources:
   - repository.yaml
   - release.yaml
   - ../../shared/networkpolicies/allow-from-same-namespace.yaml
+  - ../../shared/networkpolicies/allow-from-ingress.yaml
+patchesStrategicMerge:
+  - networkpolicy.yaml
diff --git a/infrastructure/monitoring/networkpolicy.yaml b/infrastructure/monitoring/networkpolicy.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..460c09edfe8295aae0dc88d3f1ca9f4c8f1ad374
--- /dev/null
+++ b/infrastructure/monitoring/networkpolicy.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-from-ingress
+spec:
+  podSelector:
+    matchExpressions:
+      - key: app.kubernetes.io/name
+        operator: In
+        values:
+          - alertmanager
+          - grafana
+          - prometheus