diff --git a/src/cloud-api-adaptor/podvm/files/etc/kata-opa/default-policy.rego b/src/cloud-api-adaptor/podvm/files/etc/kata-opa/default-policy.rego
index 32fde3b9d..55d5e5550 120000
--- a/src/cloud-api-adaptor/podvm/files/etc/kata-opa/default-policy.rego
+++ b/src/cloud-api-adaptor/podvm/files/etc/kata-opa/default-policy.rego
@@ -1 +1 @@
-allow-all.rego
\ No newline at end of file
+/run/peerpod/policy.rego
\ No newline at end of file
diff --git a/src/cloud-api-adaptor/podvm/files/etc/tmpfiles.d/policy.conf b/src/cloud-api-adaptor/podvm/files/etc/tmpfiles.d/policy.conf
new file mode 100644
index 000000000..055a0d364
--- /dev/null
+++ b/src/cloud-api-adaptor/podvm/files/etc/tmpfiles.d/policy.conf
@@ -0,0 +1,2 @@
+#Type Path Mode User Group Age Argument
+C /run/peerpod/policy.rego - - - - /etc/kata-opa/allow-all.rego
diff --git a/src/cloud-api-adaptor/podvm/qcow2/copy-files.sh b/src/cloud-api-adaptor/podvm/qcow2/copy-files.sh
index f69c315d4..9f18b096b 100755
--- a/src/cloud-api-adaptor/podvm/qcow2/copy-files.sh
+++ b/src/cloud-api-adaptor/podvm/qcow2/copy-files.sh
@@ -29,3 +29,4 @@ sudo cp -a /tmp/files/pause_bundle /
 # Copy the kata-agent OPA policy files
 sudo mkdir -p /etc/kata-opa
 sudo cp -a /tmp/files/etc/kata-opa/* /etc/kata-opa/
+sudo cp -a /tmp/files/etc/tmpfiles.d/policy.conf /etc/tmpfiles.d/
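Review bot: The new symlink target `/run/peerpod/policy.rego` lives on a runtime filesystem, so `default-policy.rego` dangles until systemd-tmpfiles has processed `policy.conf`, and nothing in this diff orders that before the kata-agent reads its policy. How the agent behaves when the policy file is missing is not visible here; whether it then permits requests or refuses to start, the outcome should be a deliberate choice. A symlink cannot carry a comment, so I would record the dependency in the commit message and, if the agent's unit does not already have it, add `After=systemd-tmpfiles-setup.service` there. The effective policy is also now replaceable by anything that can write under `/run/peerpod`, which makes that directory's ownership and mode part of the policy's trust boundary.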
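Review bot: The `C` line seeds `/run/peerpod/policy.rego` from `allow-all.rego`, so a pod VM in which no policy gets provisioned runs with the permissive policy, and the file does not say that this is intended. `C` copies only when the destination does not exist yet, which presumably lets a policy written earlier take precedence; that assumption deserves a comment such as `# Fallback only: used when nothing has provisioned /run/peerpod/policy.rego; allow-all is permissive by design`. Mode, user and group are all `-`; writing `C /run/peerpod/policy.rego 0644 root root - /etc/kata-opa/allow-all.rego` would make the permissions on the effective policy file explicit instead of leaving them to defaults.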
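Review bot: Only this qcow2 script installs `policy.conf`, while the symlink change under `files/etc/kata-opa` reaches every image build that copies that directory. Any other build path, none of which is part of this diff, would ship `default-policy.rego` pointing at a file that is never created, so those are worth checking before merge. The added `cp` also assumes `/etc/tmpfiles.d` already exists in the image, unlike the `mkdir -p /etc/kata-opa` guard two lines above it; a preceding `sudo mkdir -p /etc/tmpfiles.d` would match that pattern. The script continues outside the hunk.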