diff --git a/bundle/manifests/konveyor-operator.clusterserviceversion.yaml b/bundle/manifests/konveyor-operator.clusterserviceversion.yaml
index c4f9960..d3cbdc2 100644
--- a/bundle/manifests/konveyor-operator.clusterserviceversion.yaml
+++ b/bundle/manifests/konveyor-operator.clusterserviceversion.yaml
@@ -31,7 +31,7 @@ metadata:
     categories: Modernization & Migration
     certified: "false"
     containerImage: quay.io/konveyor/tackle2-operator:latest
-    createdAt: "2023-05-31T20:22:24Z"
+    createdAt: "2023-06-08T20:09:08Z"
     description: Konveyor is an open-source application modernization platform that
       helps organizations safely and predictably modernize applications to Kubernetes
       at scale.
@@ -283,7 +283,12 @@ spec:
           - servicemonitors
           verbs:
           - get
+          - list
+          - watch
           - create
+          - update
+          - patch
+          - delete
         - apiGroups:
           - apps.openshift.io
           resources:
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index d0b0535..3d43fe2 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -49,7 +49,12 @@ rules:
   - servicemonitors
   verbs:
   - get
+  - list
+  - watch
   - create
+  - update
+  - patch
+  - delete
 - apiGroups:
   - apps.openshift.io
   resources:
diff --git a/roles/tackle/tasks/main.yml b/roles/tackle/tasks/main.yml
index e6c1306..38d015b 100644
--- a/roles/tackle/tasks/main.yml
+++ b/roles/tackle/tasks/main.yml
@@ -513,3 +513,11 @@
         api_version: apps/v1
         name: "{{ keycloak_sso_deployment_name }}"
         namespace: "{{ app_namespace }}"
+
+- name: "Create Hub ServiceMonitor"
+  k8s:
+    state: present
+    definition: "{{ lookup('template', 'servicemonitor-hub.yml.j2') }}"
+  when:
+    - hub_metrics_enabled|bool
+    - openshift_cluster|bool
\ No newline at end of file
diff --git a/roles/tackle/templates/networkpolicy.yml.j2 b/roles/tackle/templates/networkpolicy.yml.j2
index 05e13b3..ce1587a 100644
--- a/roles/tackle/templates/networkpolicy.yml.j2
+++ b/roles/tackle/templates/networkpolicy.yml.j2
@@ -41,3 +41,18 @@ spec:
   - ports:
     - port: 8080
     - port: 8443
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ app_name }}-metrics
+  namespace: {{ app_namespace }}
+  labels:
+    app: {{ app_name }}
+spec:
+  podSelector:
+    matchLabels:
+      role: {{ hub_service_name }}
+    ingress:
+    - ports:
+      - port: {{ hub_metrics_port }}
\ No newline at end of file
diff --git a/roles/tackle/templates/servicemonitor-hub.yml.j2 b/roles/tackle/templates/servicemonitor-hub.yml.j2
new file mode 100644
index 0000000..17267e9
--- /dev/null
+++ b/roles/tackle/templates/servicemonitor-hub.yml.j2
@@ -0,0 +1,18 @@
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ hub_service_name }}
+    app.kubernetes.io/component: {{ hub_component_name }}
+    app.kubernetes.io/part-of: {{ app_name }}
+  name: {{ hub_service_name }}
+  namespace: {{ app_namespace }}
+spec:
+  endpoints:
+    - interval: 30s
+      port: metrics
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ hub_service_name }}
+      app.kubernetes.io/component: {{ hub_component_name }}
+      app.kubernetes.io/part-of: {{ app_name }}
diff --git a/tools/templates/clusterserviceversion.yaml.j2 b/tools/templates/clusterserviceversion.yaml.j2
index 16ddf16..a40506f 100644
--- a/tools/templates/clusterserviceversion.yaml.j2
+++ b/tools/templates/clusterserviceversion.yaml.j2
@@ -228,7 +228,12 @@ spec:
           - servicemonitors
           verbs:
           - get
+          - list
+          - watch
           - create
+          - update
+          - patch
+          - delete
         - apiGroups:
           - apps.openshift.io
           resources: