diff --git a/charts/kyverno/README.md b/charts/kyverno/README.md index 6bdb29b261..641997f3c6 100644 --- a/charts/kyverno/README.md +++ b/charts/kyverno/README.md @@ -68,9 +68,11 @@ Parameter | Description | Default `createSelfSignedCert` | generate a self signed cert and certificate authority. Kyverno defaults to using kube-controller-manager CA-signed certificate or existing cert secret if false. | `false` `config.existingConfig` | existing Kubernetes configmap to use for the resource filters configuration | `nil` `config.resourceFilters` | list of filter of resource types to be skipped by kyverno policy engine. See [documentation](https://github.com/kyverno/kyverno/blob/master/documentation/installation.md#filter-kubernetes-resources-that-admission-webhook-should-not-process) for details | `["[Event,*,*]","[*,kube-system,*]","[*,kube-public,*]","[*,kube-node-lease,*]","[Node,*,*]","[APIService,*,*]","[TokenReview,*,*]","[SubjectAccessReview,*,*]","[*,kyverno,*]"]` +`dnsPolicy` | Sets the DNS Policy which determines the manner in which DNS resolution happens across the cluster. For further reference, see [the official docs](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) | `ClusterFirst` `extraArgs` | list of extra arguments to give the binary | `[]` `fullnameOverride` | override the expanded name of the chart | `nil` `generatecontrollerExtraResources` | extra resource type Kyverno is allowed to generate | `[]` +`hostNetwork` | Use the host network's namespace. Set it to `true` when dealing with a custom CNI over Amazon EKS | `false` `image.pullPolicy` | Image pull policy | `IfNotPresent` `image.pullSecrets` | Specify image pull secrets | `[]` (does not add image pull secrets to deployed pods) `image.repository` | Image repository | `ghcr.io/kyverno/kyverno` diff --git a/charts/kyverno/templates/deployment.yaml b/charts/kyverno/templates/deployment.yaml index a412734c16..1afcfbdc02 100644 
--- a/charts/kyverno/templates/deployment.yaml +++ b/charts/kyverno/templates/deployment.yaml @@ -37,6 +37,12 @@ spec: {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName | quote }} {{- end }} + {{- if .Values.hostNetwork }} + hostNetwork: {{ .Values.hostNetwork }} + {{- end }} + {{- if .Values.dnsPolicy }} + dnsPolicy: {{ .Values.dnsPolicy }} + {{- end }} initContainers: - name: kyverno-pre image: {{ .Values.initImage.repository }}:{{ default .Chart.AppVersion (default .Values.image.tag .Values.initImage.tag) }} diff --git a/charts/kyverno/values.yaml b/charts/kyverno/values.yaml index cf0d45fcb8..a3a3b8f13e 100644 --- a/charts/kyverno/values.yaml +++ b/charts/kyverno/values.yaml @@ -42,6 +42,16 @@ affinity: {} nodeSelector: {} tolerations: [] +# change hostNetwork to true when you want the kyverno's pod to share its host's network namespace +# useful for situations like when you end up dealing with a custom CNI over Amazon EKS +# update the 'dnsPolicy' accordingly as well to suit the host network mode +hostNetwork: false + +# dnsPolicy determines the manner in which DNS resolution happens in the cluster +# in case of hostNetwork: true, usually, the dnsPolicy is suitable to be "ClusterFirstWithHostNet" +# for further reference: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy +dnsPolicy: "ClusterFirst" + extraArgs: [] # - --webhooktimeout=4
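Review bot: in the README hunk, the new `hostNetwork` row does not tell the reader what enabling it entails, while the values.yaml comment in the same change does; the row should say that with `hostNetwork: true` the pod shares the node's network namespace (so the webhook container's listening port is bound on the node itself, and the baseline Pod Security Standard rejects such pods) and that `dnsPolicy` has to be changed to `ClusterFirstWithHostNet` for in-cluster DNS to keep working. Suggested row text: `hostNetwork` | Run the pod in the host's network namespace, e.g. when dealing with a custom CNI over Amazon EKS. Requires `dnsPolicy: ClusterFirstWithHostNet`; the webhook port then listens on the node. | `false`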
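Review bot: in the deployment.yaml hunk, the template happily renders `hostNetwork: true` together with the default `dnsPolicy: ClusterFirst`, which is exactly the combination the values.yaml comment says to avoid, so a user who flips only `hostNetwork` gets a pod that cannot resolve cluster services and the failure surfaces later as webhook timeouts. Consider guarding it in the template, e.g. `{{- if and .Values.hostNetwork (ne .Values.dnsPolicy "ClusterFirstWithHostNet") }}` / `{{- fail "hostNetwork: true requires dnsPolicy: ClusterFirstWithHostNet" }}` / `{{- end }}`, or deriving the policy from `hostNetwork` when the user has not overridden it. Minor: `dnsPolicy: {{ .Values.dnsPolicy }}` should use `| quote` to match the `priorityClassName` line just above it.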
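Review bot: in the values.yaml hunk, the comments on the two new keys need a grammar pass ("the kyverno's pod", "usually, the dnsPolicy is suitable to be") and should state the rule rather than a tendency, since the template does not enforce it. Suggested wording: `# Set hostNetwork to true when the Kyverno pod must share its host's network namespace,` / `# e.g. with a custom CNI over Amazon EKS. When enabled, also set dnsPolicy to "ClusterFirstWithHostNet".` It is also worth noting in the `dnsPolicy` comment that `"ClusterFirst"` is the Kubernetes default for pods, so the explicit value changes nothing until hostNetwork is turned on.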