From d4e4954e6a60248d49ca052049470adff90c2412 Mon Sep 17 00:00:00 2001
From: srir <srir@redhat.com>
Date: Thu, 9 Oct 2025 21:11:17 +0530
Subject: [PATCH] OSDOCS#15779: Network policies for the SSCSI Operator

---
 ...ge-csi-secrets-store-network-policies.adoc | 27 +++++++++++++++++++
 .../persistent-storage-csi-secrets-store.adoc |  4 ++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 modules/persistent-storage-csi-secrets-store-network-policies.adoc

diff --git a/modules/persistent-storage-csi-secrets-store-network-policies.adoc b/modules/persistent-storage-csi-secrets-store-network-policies.adoc
new file mode 100644
index 0000000000..8d5729e89c
--- /dev/null
+++ b/modules/persistent-storage-csi-secrets-store-network-policies.adoc
@@ -0,0 +1,27 @@
+// Module included in the following assemblies:
+//
+// * storage/container_storage_interface/persistent-storage-csi-secrets-store.adoc
+//
+
+:_mod-docs-content-type: CONCEPT
+[id="persistent-storage-csi-secrets-store-network-policies_{context}"]
+= Support for network policies
+
+The {secrets-store-operator} includes pre-defined `NetworkPolicies` resources for enhanced security. These policies govern the ingress and egress traffic for both the SS-CSI Operator and its associated driver.
+
+The following table summarizes the default ingress and egress rules:
+
+[cols="1,1,1,1", options="header"]
+|===
+| Component | Ingress ports | Egress ports | Description
+
+| {secrets-store-operator}
+| `8443`
+| `6443`
+| Accesses metrics and communicates with the API server
+
+| {secrets-store-driver}
+| `8095`
+| `6443`
+| Accesses metrics and communicates with the API server
+|===
diff --git a/storage/container_storage_interface/persistent-storage-csi-secrets-store.adoc b/storage/container_storage_interface/persistent-storage-csi-secrets-store.adoc
index b4cd2391e2..e96d496654 100644
--- a/storage/container_storage_interface/persistent-storage-csi-secrets-store.adoc
+++ b/storage/container_storage_interface/persistent-storage-csi-secrets-store.adoc
@@ -1,6 +1,6 @@
 :_mod-docs-content-type: ASSEMBLY
 [id="persistent-storage-csi-secrets-store"]
-= {secrets-store-driver}
+= Secrets Store Container Storage Interface Driver Operator
 include::_attributes/common-attributes.adoc[]
 :context: persistent-storage-csi-secrets-store
 
@@ -24,6 +24,8 @@ include::modules/persistent-storage-csi-secrets-store-disconnect-environment.ado
 For more information about disconnected environments, see xref:../../disconnected/about.adoc#about[About disconnected environments].
 ====
 
+include::modules/persistent-storage-csi-secrets-store-network-policies.adoc[leveloffset=+1]
+
 include::modules/persistent-storage-csi-secrets-store-driver-install.adoc[leveloffset=+1]
 
 .Next steps