diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 4e9d9c7de422715e176c1fa23533d30c65d19aa9..12a3556480bcc43e4781e7ab3800d77b87f47007 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -45,10 +45,9 @@ spec:
     - podSelector: 
         matchLabels:
           ozg-component: eingangsadapter
-  {{- with (.Values.networkPolicy).additionalIngressConfig }}
-  - from:
-{{ toYaml . | indent 8 }}
-  {{- end }}
+{{- with (.Values.networkPolicy).additionalIngressConfig }}
+{{ toYaml . | indent 2 }}
+{{- end }}
   egress:
   - to:
     - namespaceSelector:
@@ -67,6 +66,13 @@ spec:
     ports:
       - port: 27017
         protocol: TCP
+  - to:
+    - podSelector: 
+        matchLabels:
+          component: user-manager
+    ports:
+      - port: 9090
+        protocol: TCP
   - to:
     - namespaceSelector:
         matchLabels:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 7038c4bd4a8ae0c094de8ec639564dad0f8471f0..d6e533e420abd480db55007f2b012007fff140d1 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -35,6 +35,7 @@ tests:
     asserts:
       - isAPIVersion:
           of: networking.k8s.io/v1
+
   - it: should match kind
     set:
       networkPolicy:
@@ -42,6 +43,7 @@ tests:
     asserts:
       - isKind:
           of: NetworkPolicy
+
   - it: validate metadata
     set:
       networkPolicy:
@@ -52,6 +54,7 @@ tests:
           value:
             name: network-policy-vorgang-manager
             namespace: by-helm-test
+
   - it: validate spec
     set:
       networkPolicy:
@@ -76,7 +79,6 @@ tests:
               - podSelector: 
                   matchLabels:
                     ozg-component: eingangsadapter
-            
             egress:
             - to:
               - namespaceSelector:
@@ -95,6 +97,13 @@ tests:
               ports:
                 - port: 27017
                   protocol: TCP
+            - to:
+              - podSelector: 
+                  matchLabels:
+                    component: user-manager
+              ports:
+                - port: 9090
+                  protocol: TCP
             - to:
               - namespaceSelector:
                   matchLabels:
@@ -112,28 +121,21 @@ tests:
   - it: add ingress rule by values
     set:
       networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-namespace-dns
         additionalIngressConfig:
-        - podSelector: 
-            matchLabels:
-              component: client2
-        dnsServerNamespace: test-dns-namespace
+        - from:
+          - podSelector: 
+              matchLabels:
+                component: client2
     asserts:
-      - equal:
+      - contains:
           path: spec.ingress
-          value:
-            - ports:
-              - port: 9090
-              from:
-              - podSelector: 
-                  matchLabels:
-                    component: alfa
-              - podSelector: 
-                  matchLabels:
-                    ozg-component: eingangsadapter
-            - from:
-              - podSelector: 
-                  matchLabels:
-                    component: client2
+          content:
+            from:
+            - podSelector: 
+                matchLabels:
+                  component: client2
 
   - it: add egress rules by values
     set: