diff --git a/charts/rbac-best-practices/Chart.yaml b/charts/rbac-best-practices/Chart.yaml
index ed4c8274..05d315d4 100644
--- a/charts/rbac-best-practices/Chart.yaml
+++ b/charts/rbac-best-practices/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: rbac-best-practice-policies
 description: Rbac Best Practice policy set
 type: application
-version: 0.2.0
+version: 0.2.1
 appVersion: 0.1.0
 keywords:
 - kubernetes
diff --git a/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml b/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
index 0c8bd6fa..a7e557f4 100644
--- a/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
+++ b/charts/rbac-best-practices/pols/restrict-automount-sa-token.yaml
@@ -24,6 +24,80 @@ spec:
 - resources:
 kinds:
 - Pod
+ exclude:
+ any:
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app: nirmata-kube-controller
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app: otel-agent
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: nirmata-kyverno-operator
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: admission-controller
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: cleanup-controller
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: background-controller
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: reports-controller
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ job-name: "kyverno-cleanup-admission-reports-*"
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ job-name: "kyverno-cleanup-cluster-admission-reports-*"
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ job-name: "kyverno-cleanup-ephemeral-reports-*"
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ job-name: "kyverno-cleanup-cluster-ephemeral-reports-*"
+ - resources:
+ kinds:
+ - Pod
+ selector:
+ matchLabels:
+ job-name: "kyverno-cleanup-update-requests-*"
 preconditions:
 all:
 - key: "{{ request.\"object\".metadata.labels.\"app.kubernetes.io/part-of\" || '' }}"
diff --git a/rbac-best-practices/restrict-automount-sa-token/restrict-automount-sa-token.yaml b/rbac-best-practices/restrict-automount-sa-token/restrict-automount-sa-token.yaml
index 0c8bd6fa..7b9b5363 100644
--- a/rbac-best-practices/restrict-automount-sa-token/restrict-automount-sa-token.yaml
+++ b/rbac-best-practices/restrict-automount-sa-token/restrict-automount-sa-token.yaml
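Review bot: Every new `exclude` entry exempts pods purely by label (`app`, `app.kubernetes.io/name`, `app.kubernetes.io/component`, `job-name`), and labels are set by whoever creates the pod, so the exemption from the automount-token restriction is not tied to the Kyverno/Nirmata components at all but to anything carrying the same label; scope each `resources:` entry with a namespace constraint, e.g. `namespaces:` / `- <NAMESPACE-WHERE-THE-COMPONENT-RUNS>` (placeholder), so the carve-out only applies where those controllers and cleanup jobs actually run. The five `job-name: "kyverno-cleanup-…-*"` values rely on wildcard matching inside `selector.matchLabels`; plain Kubernetes label selectors are exact-match, so confirm the Kyverno version this chart targets expands `*` there, otherwise those entries never match and the cleanup-job pods stay blocked. The standalone copy `rbac-best-practices/restrict-automount-sa-token/restrict-automount-sa-token.yaml` started from the same blob (`0c8bd6fa`) but only loses its trailing newline in this commit, so the two copies of the policy now diverge; either port the exclude there too or record why the chart variant differs. The rule that owns this `exclude` starts and ends outside the hunk, so its `match` and `validate` sections were not reviewed here.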
@@ -33,4 +33,4 @@ spec:
 message: "Auto-mounting of Service Account tokens is not allowed."
 pattern:
 spec:
- automountServiceAccountToken: "false"
+ automountServiceAccountToken: "false"
\ No newline at end of file