diff --git a/deploy/chart/local-path-provisioner/templates/networkpolicy.yaml b/deploy/chart/local-path-provisioner/templates/networkpolicy.yaml
new file mode 100644
index 00000000..6beda233
--- /dev/null
+++ b/deploy/chart/local-path-provisioner/templates/networkpolicy.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: {{ template "local-path-provisioner.fullname" . }}-network-policy
+ namespace: {{ include "local-path-provisioner.namespace" . }}
+spec:
+ egress:
+ {{- with .Values.networkPolicy.egress }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ ingress:
+ {{- with .Values.networkPolicy.ingress }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ podSelector:
+ matchLabels:
+ {{- include "local-path-provisioner.selectorLabels" . | nindent 6 }}
+ policyTypes:
+ - Egress
+ - Ingress
+{{- end }}
diff --git a/deploy/chart/local-path-provisioner/values.yaml b/deploy/chart/local-path-provisioner/values.yaml
index 4ed1064c..d0046048 100644
--- a/deploy/chart/local-path-provisioner/values.yaml
+++ b/deploy/chart/local-path-provisioner/values.yaml
@@ -103,6 +103,30 @@ podSecurityContext: {}
 hostUsers: true
+# `networkPolicy` allows you to define acceptable network trafic
+networkPolicy:
+ # -- Specifies whether the networkPolicy should be created.
+ enabled: false
+ # -- The ingress traffic
+ # Should match the health and (optionally) metrics port
+ ingress: []
+ # -- The egress traffic
+ # The minimum egress ports required to function are:
+ # DNS (53/udp, 53/tcp)
+ # API server (80/tcp, 443/tcp, 6443/tcp) NOTE: OKD and Openshift use 6443/tcp
+ egress:
+ - ports:
+ - port: 80
+ protocol: TCP
+ - port: 443
+ protocol: TCP
+ - port: 53
+ protocol: TCP
+ - port: 53
+ protocol: UDP
+ - port: 6443
+ protocol: TCP
+
 securityContext: {}
 # allowPrivilegeEscalation: false
 # seccompProfile:
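Review bot: The `egress:` and `ingress:` keys and both `policyTypes` entries are emitted unconditionally, so when a values list is empty the `with` block renders nothing and that direction becomes deny-all; nothing in the template says this. With the chart default `ingress: []`, enabling the policy would then block all inbound traffic to the selected pods, which may include the health and metrics ports the values comment mentions (how probes are treated depends on the CNI). Failing closed is a reasonable default, but it should be documented where it happens, e.g. a template comment above `spec:` such as `{{- /* An empty egress/ingress list renders as a bare key; with both policyTypes set, that direction is denied entirely. */}}`.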
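Review bot: The default `egress` rule in values.yaml lists only `ports` with no `to` peers, so it lets the provisioner pod reach any destination, inside or outside the cluster, on 80, 443, 53 and 6443, which is wider than the DNS and API-server access the comment describes. Consider saying so next to the default, e.g. `# NOTE: no 'to' peers are set, so these ports are open to every destination; add namespaceSelector/ipBlock peers to limit them to cluster DNS and the API server.` Port 80/tcp is cleartext HTTP and looks unnecessary for API-server access; if no supported distribution needs it, drop it from the default. The first comment line also has a typo, `trafic` for `traffic`.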