diff --git a/chart/templates/kyverno-policies/values.yaml b/chart/templates/kyverno-policies/values.yaml
index d3d0fa675113a881b9c7866481a8ced998cb1c43..33cf4b4f1924fa5ed381709499126a0f24be1ddb 100644
--- a/chart/templates/kyverno-policies/values.yaml
+++ b/chart/templates/kyverno-policies/values.yaml
@@ -120,24 +120,6 @@ policies:
     validationFailureAction: Audit
     exclude:
       any:
-      {{- if .Values.addons.gitlab.enabled }}
-      - resources:
-          namespaces:
-          - gitlab
-          kinds:
-          - Pod
-          names:
-          - gitlab-shared-secrets*
-      {{- end }}
-      {{- if .Values.addons.gitlabRunner.enabled }}
-      - resources:
-          namespaces:
-          - gitlab-runner
-          kinds:
-          - ServiceAccount
-          names:
-          - gitlab-runner
-      {{- end }}
       {{- if .Values.kyvernoReporter.enabled }}
       - resources:
           namespaces:
@@ -149,26 +131,6 @@ policies:
           - kyverno-reporter*
       {{- end }}
       {{- if .Values.monitoring.enabled }}
-      - resources:
-          namespaces:
-          - monitoring
-          kinds:
-          - ServiceAccount
-          names:
-          - monitoring-monitoring-prometheus-node-exporter
-          - monitoring-monitoring-kube-operator
-          - monitoring-monitoring-kube-state-metrics
-          - monitoring-monitoring-kube-admission
-          - monitoring-monitoring-kube-prometheus
-      - resources:
-          namespaces:
-          - monitoring
-          kinds:
-          - Pod
-          - Deployment
-          names:
-          - prometheus-monitoring-monitoring-kube-prometheus*
-      {{- end }}
       - resources:
           namespaces:
           - flux-system
@@ -180,6 +142,7 @@ policies:
           - helm-controller-*
           - source-controller-*
           - kustomize-controller-*
+      {{- end }}
 
   {{- if or .Values.fluentbit.enabled .Values.monitoring.enabled .Values.twistlock.enabled }}
   disallow-tolerations:
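Review bot: The `{{- end }}` added after `kustomize-controller-*` now closes the `{{- if .Values.monitoring.enabled }}` that the previous hunk keeps as context, so the flux-system exclusion is rendered only when monitoring is enabled. Before this change the conditional was closed ahead of the flux-system entry, which made that entry unconditional. With monitoring disabled the flux controllers lose their exclusion from this policy, and if kyvernoReporter is disabled as well, `exclude.any` appears to render with no entries. If that coupling is not intended, drop both the `{{- if .Values.monitoring.enabled }}` line and this `{{- end }}`. The policy that owns this `exclude` starts outside the hunk.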
@@ -726,6 +689,9 @@ policies:
       - bigbang
       - flux-system
       - keycloak
+      - monitoring
+      - gitlab
+      - gitlab-runner
 
   update-automountserviceaccounttokens:
     enabled: true
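Review bot: `monitoring`, `gitlab` and `gitlab-runner` are added here unconditionally and for the whole namespace, whereas the exclusions this commit removes were wrapped in `.Values.addons.gitlab.enabled`, `.Values.addons.gitlabRunner.enabled` and `.Values.monitoring.enabled` and scoped to named Pods and ServiceAccounts. The key that owns this list is outside the hunk, so it cannot be confirmed from here whether the entries opt these namespaces into a policy or exempt them from one. If it is an exemption, a namespace-wide entry for `gitlab-runner`, which typically also hosts CI job pods, is much broader than the single ServiceAccount excluded before. A short comment above the new entries stating the reason would make the intent reviewable, for example `# per-ServiceAccount/Pod handling is in update-automountserviceaccounttokens below` if that is the case.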
@@ -863,8 +829,18 @@ policies:
       - namespace: monitoring
         serviceAccounts:
         - monitoring-grafana
+        - monitoring-monitoring-kube-admission
+        - monitoring-monitoring-kube-prometheus
+        - monitoring-monitoring-kube-state-metrics
+        - monitoring-monitoring-kube-operator
+        - monitoring-monitoring-prometheus-node-exporter
         pods:
         - monitoring-grafana-*
+        - monitoring-monitoring-kube-admission-create-*
+        - monitoring-monitoring-kube-admission-patch-*
+        - monitoring-monitoring-kube-state-metrics-*
+        - monitoring-monitoring-kube-operator-*
+        - prometheus-monitoring-monitoring-kube-prometheus-*
       - namespace: anchore
         serviceAccounts:
         - anchore-ui-redis
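Review bot: `monitoring-monitoring-prometheus-node-exporter` is added under `serviceAccounts` but has no matching entry under `pods`, while the other four new service accounts each get a pod pattern. How the policy treats the two lists is defined outside this hunk, so the omission may be deliberate. If it is, say so with a comment such as `# node-exporter pods need no API token, so no pods entry`; otherwise add `- monitoring-monitoring-prometheus-node-exporter-*`. The removed exclusion also covered `Deployment` as well as `Pod` for `prometheus-monitoring-monitoring-kube-prometheus*`, so confirm nothing still depends on the Deployment match.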
@@ -933,6 +909,14 @@ policies:
       - namespace: keycloak
         serviceAccounts:
         - keycloak
+      - namespace: gitlab
+        pods:
+        - gitlab-shared-secrets*
+      - namespace: gitlab-runner
+        serviceAccounts: 
+        - gitlab-runner
+        pods:
+        - gitlab-runner-*
 
 istio:
   enabled: {{ .Values.istio.enabled }}
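Review bot: `gitlab-shared-secrets*` has no dash before the wildcard, unlike `gitlab-runner-*` and the other pod patterns in this list, so it matches any pod in the namespace whose name merely starts with that string. `- gitlab-shared-secrets-*` would be tighter, assuming the pod names carry a generated suffix. The `serviceAccounts: ` line under `gitlab-runner` also has a trailing space that yamllint will flag. The `gitlab` entry lists pods but no service accounts; a one-line comment stating that this is intended would help the next reviewer.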