diff --git a/firefly-iii/kustomization.yaml b/firefly-iii/kustomization.yaml
index 969c80b..17c6868 100644
--- a/firefly-iii/kustomization.yaml
+++ b/firefly-iii/kustomization.yaml
@@ -16,6 +16,7 @@ resources:
 - importer.yaml
 - importer-ingress.yaml
 - ../dch-root-ca
+- network-policy.yaml
 configMapGenerator:
 - name: firefly-iii
diff --git a/firefly-iii/network-policy.yaml b/firefly-iii/network-policy.yaml
new file mode 100644
index 0000000..172a65d
--- /dev/null
+++ b/firefly-iii/network-policy.yaml
@@ -0,0 +1,61 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: firefly-iii
+ labels:
+ app.kubernetes.io/name: firefly-iii
+ app.kubernetes.io/component: firefly-iii
+spec:
+ egress:
+ # Allow access to other components of the Firefly III ecosystem
+ - to:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: firefly-iii
+ # Allow access Kubernetes cluster DNS
+ - to:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: kube-system
+ podSelector:
+ matchLabels:
+ k8s-app: kube-dns
+ ports:
+ - port: 53
+ protocol: UDP
+ - port: 53
+ protocol: TCP
+ # Allow access to the PostgreSQL database server
+ - to:
+ - ipBlock:
+ cidr: 172.30.0.0/26
+ ports:
+ - port: 5432
+ protocol: TCP
+ # Allow access to SMTP on mail.pyrocufflink.blue
+ - to:
+ - ipBlock:
+ cidr: 172.30.0.12/32
+ ports:
+ - port: 25
+ # Allow access dch-webhooks
+ - to:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: default
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/name: dch-webhooks
+ # Allow access ntfy
+ - to:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: ntfy
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/name: ntfy
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/component: firefly-iii
+ policyTypes:
+ - Egress
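Review bot: The PostgreSQL egress rule in network-policy.yaml opens `cidr: 172.30.0.0/26` (64 addresses) on port 5432, while the SMTP rule right below it pins a single host with a /32; unless the database address is expected to move within that range, narrowing it to `cidr: <db-host-ip>/32` (placeholder for the actual server address) keeps the policy at least-privilege and makes the allowed reach auditable from the manifest alone. The SMTP rule's `- port: 25` omits `protocol:`; Kubernetes defaults to TCP, but every other port entry in the file states it explicitly, so adding `protocol: TCP` under that line keeps the rules uniform. The first egress rule permits any port to any pod in the `firefly-iii` namespace, which is likely wider than the application needs; if the intra-namespace destinations are known, a `ports:` stanza or a `podSelector` on that rule would tighten it. This policy restricts Egress only and selects pods by `app.kubernetes.io/component: firefly-iii`; if the importer pod defined in importer.yaml carries a different component label it stays unrestricted, which is worth confirming against that manifest since it is not in this diff.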