diff --git a/clusters/k8s-avroid-office.prod.local/namespaces/avroid-prod/security/trivy/argocd-apps-trivy-network-policy.yaml b/clusters/k8s-avroid-office.prod.local/namespaces/avroid-prod/security/trivy/argocd-apps-trivy-network-policy.yaml
index f07696d..a4bf914 100644
--- a/clusters/k8s-avroid-office.prod.local/namespaces/avroid-prod/security/trivy/argocd-apps-trivy-network-policy.yaml
+++ b/clusters/k8s-avroid-office.prod.local/namespaces/avroid-prod/security/trivy/argocd-apps-trivy-network-policy.yaml
@@ -20,6 +20,25 @@ spec:
 - ports:
 - port: 4954
 protocol: TCP
+# https://aquasecurity.github.io/trivy-operator/v0.23.0/getting-started/installation/troubleshooting/#installing-the-operator-in-a-namespace-with-default-deny-all-egressingress-network-policies
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: trivy-in-4954
+ namespace: avroid-prod
+ labels:
+ app.kubernetes.io/managed-by: argocd
+spec:
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/name: trivy
+ policyTypes:
+ - Ingress
+ ingress:
+ - ports:
+ - port: 4954
+ protocol: TCP
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
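Review bot: The ingress rule of the new `trivy-in-4954` policy lists only `ports` and no `from`, so any peer, pods in other namespaces included, may connect to TCP 4954 on pods labelled `app.kubernetes.io/name: trivy`. Scope it to the clients that actually need the Trivy server by adding a peer selector to the same rule, e.g. `- from: [{podSelector: {matchLabels: {<client-label-key>: <client-label-value>}}}]` with `ports:` kept under that list item (the label is a placeholder; use whatever the operator and scan-job pods carry). The policy that ends just above the hunk also opens port 4954, but its selector starts outside the hunk, so it is worth confirming the two are not duplicates and that `app.kubernetes.io/name: trivy` matches the labels on the server pods. The reference-URL comment would also read better placed after the `---`, so that it belongs to the document it describes.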