diff --git a/charts/github-oidc-federation/templates/deployment.yaml b/charts/github-oidc-federation/templates/deployment.yaml
index e61b7f7..968a03d 100644
--- a/charts/github-oidc-federation/templates/deployment.yaml
+++ b/charts/github-oidc-federation/templates/deployment.yaml
@@ -3,7 +3,6 @@ kind: Deployment
 metadata:
 name: github-oidc-federation
 spec:
- replicas: 1
 selector:
 matchLabels:
 role: github-oidc-federation
@@ -30,3 +29,10 @@ spec:
 - name: github-oidc-federation
 secret:
 secretName: github-oidc-federation
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: topology.kubernetes.io/zone
+ whenUnsatisfiable: DoNotSchedule
+ labelSelector:
+ matchLabels:
+ role: github-oidc-federation
diff --git a/charts/github-oidc-federation/templates/hpa.yaml b/charts/github-oidc-federation/templates/hpa.yaml
new file mode 100644
index 0000000..f337da0
--- /dev/null
+++ b/charts/github-oidc-federation/templates/hpa.yaml
@@ -0,0 +1,24 @@
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: github-oidc-federation
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: github-oidc-federation
+ minReplicas: {{ .Values.hpa.minReplicas }}
+ maxReplicas: {{ .Values.hpa.maxReplicas }}
+ metrics:
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.hpa.cpu.averageUtilization }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.hpa.memory.averageUtilization }}
diff --git a/charts/github-oidc-federation/templates/network_policies.yaml b/charts/github-oidc-federation/templates/network_policies.yaml
index 0e89653..0a35797 100644
--- a/charts/github-oidc-federation/templates/network_policies.yaml
+++ b/charts/github-oidc-federation/templates/network_policies.yaml
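Review bot: `whenUnsatisfiable: DoNotSchedule` on `topology.kubernetes.io/zone` in the second deployment.yaml hunk turns zone imbalance into a hard scheduling failure, so replicas the autoscaler asks for can stay Pending when a zone is full or only one zone is usable. For a token-federation endpoint that is an availability risk; `whenUnsatisfiable: ScheduleAnyway` keeps the spread as a preference, or the value could be taken from values.yaml. The `labelSelector` also counts pods of the old ReplicaSet during a rollout, which `matchLabelKeys: [pod-template-hash]` avoids on clusters that support it. The pod spec starts above the hunk.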
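Review bot: Both `Utilization` targets in hpa.yaml are computed against the container's resource requests, and the Deployment's `resources` block is not visible in this diff; if cpu or memory requests are missing, the autoscaler has no metric to act on and will not scale. It is worth confirming that requests are set in deployment.yaml. `minReplicas` and `maxReplicas` are also rendered unchecked, so an override that drops them produces an empty field; `{{ required "hpa.minReplicas is required" .Values.hpa.minReplicas }}` would fail at render time instead.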
@@ -37,3 +37,12 @@ spec:
 - ports:
 - protocol: TCP
 port: 3000
+ {{- if .Values.networkPolicy.ingressController.enabled }}
+ from:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: nginx-ingress
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/component: controller
+ {{- end }}
diff --git a/charts/github-oidc-federation/values.yaml b/charts/github-oidc-federation/values.yaml
index ecf3a79..14865d7 100644
--- a/charts/github-oidc-federation/values.yaml
+++ b/charts/github-oidc-federation/values.yaml
@@ -1,3 +1,10 @@
+hpa:
+ minReplicas: 2
+ maxReplicas: 5
+ cpu:
+ averageUtilization: 80
+ memory:
+ averageUtilization: 80
 image:
 repository: europe-docker.pkg.dev/gardener-project/releases/github-oidc-federation
 tag: latest
@@ -5,3 +12,6 @@ ingress:
 annotations: {}
 class: nginx
 hosts: []
+networkPolicy:
+ ingressController:
+ enabled: true
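Review bot: Setting `networkPolicy.ingressController.enabled` to false does not close port 3000 in network_policies.yaml; it drops the `from` clause, and an ingress rule that lists only `ports` admits traffic from every source. The namespace `nginx-ingress` and the label `app.kubernetes.io/component: controller` are fixed in the template, so a controller installed under another namespace or label set would be denied without any error. I would take both selectors from values and add a comment above the `if`, such as `# without this block the rule has no "from" and TCP/3000 is reachable from any peer`. The rule starts above the hunk and indentation is lost in this view, so the nesting of `from` under the same rule is inferred.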
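Review bot: With `minReplicas: 2` and scale-up to `maxReplicas: 5` in the first values.yaml hunk, pods are now created at different times, and the unchanged default `tag: latest` just below means each new pod resolves the tag when it is pulled. Replicas of the federation service can therefore end up running different builds, none of them tied to a reviewed release. Pinning `image.tag` to a released version keeps every replica on the same image. The pull policy is not visible here, so how often the tag is re-resolved is an assumption.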