diff --git a/k8s/M6-kyverno-enforce-service-account.yaml b/k8s/M6-kyverno-enforce-service-account.yaml
index 0e60ee9e..8980d492 100644
--- a/k8s/M6-kyverno-enforce-service-account.yaml
+++ b/k8s/M6-kyverno-enforce-service-account.yaml
@@ -10,10 +10,6 @@ spec:
         resources:
           namespaces:
             - flux-system
-            - ingress-nginx
-            - kyverno
-            - monitoring
-            - openebs
       match:
         resources:
           kinds:
@@ -29,6 +25,10 @@ spec:
         resources:
           namespaces:
             - flux-system
+            - ingress-nginx
+            - kyverno
+            - monitoring
+            - openebs
       match:
         resources:
           kinds:
@@ -50,6 +50,10 @@ spec:
         resources:
           namespaces:
             - flux-system
+            - ingress-nginx
+            - kyverno
+            - monitoring
+            - openebs
       match:
         resources:
           kinds:
diff --git a/slides/k8s/M6-kyverno-install.md b/slides/k8s/M6-kyverno-install.md
index c8ec52a6..2044ba5a 100644
--- a/slides/k8s/M6-kyverno-install.md
+++ b/slides/k8s/M6-kyverno-install.md
@@ -109,6 +109,15 @@ class: pic
 
 ![Running Mario](images/M6-running-Mario.gif)
 
+---
+
+### Debugging
+
+`Kyverno-policies` `Kustomization` failed because `spec.dependsOn` property can only target a resource from the same `Kind`.
+
+- Let's suppress the `spec.dependsOn` property.
+
+Now `Kustomizations` for **_🎸ROCKY_** and **_🎬MOVY_** tenants failed because of our policies.
 
 ---