diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 84d32e47e7376abf7c739e30b4f318b6db1c07a9..5cee334200dc20e95ac6ea0cc7f857d2f4ae876b 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -84,4 +84,9 @@ spec:
     - ipBlock:
         cidr:  {{ required "kopProxyApi.cidr muss angegeben sein" (.Values.kopProxyApi).cidr }}
 {{- end }}
+{{- if ((.Values.ozgcloud).bayernid).server }}
+  - to:
+    - ipBlock:
+        cidr:  {{ required "ozgcloud.bayernid.cidr muss angegeben sein" ((.Values.ozgcloud).bayernid).cidr }}
+{{- end }}
 {{- end }}
\ No newline at end of file
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 55f693c76d383e8b69e1d39377942e6a8b7b05eb..ca1e231f226a1ba90507c40745960797a107b2a3 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -134,6 +134,20 @@ tests:
               - ipBlock:
                   cidr: 1.2.3.4/1
 
+  - it: test bayernid egress
+    set:
+      ozgcloud:
+        bayernid:
+          server: https://bayernid.test
+          cidr: 2.3.4.5/1
+    asserts:
+      - contains:
+          path: spec.egress
+          content:
+            to:
+              - ipBlock:
+                  cidr: 2.3.4.5/1
+
   - it: test network policy disabled
     set:
       networkPolicy: