diff --git a/assets/queries/terraform/azure/aks_network_policy_misconfigured/query.rego b/assets/queries/terraform/azure/aks_network_policy_misconfigured/query.rego
index 281dade1e69..3afac0301d5 100644
--- a/assets/queries/terraform/azure/aks_network_policy_misconfigured/query.rego
+++ b/assets/queries/terraform/azure/aks_network_policy_misconfigured/query.rego
@@ -17,7 +17,7 @@ CxPolicy[result] {
 "searchKey": sprintf("azurerm_kubernetes_cluster[%s].network_profile.network_policy", [name]),
 "searchLine": common_lib.build_search_line(["resource","azurerm_kubernetes_cluster", name, "network_profile", "network_policy"], []),
 "issueType": "IncorrectValue",
- "keyExpectedValue": sprintf("'azurerm_kubernetes_cluster[%s].network_profile.network_policy' should be either 'azure' or 'calico'", [name]),
+ "keyExpectedValue": sprintf("'azurerm_kubernetes_cluster[%s].network_profile.network_policy' should be either 'azure', 'calico' or 'cilium'", [name]),
 "keyActualValue": sprintf("'azurerm_kubernetes_cluster[%s].network_profile.network_policy' is %s", [name, policy]),
 "remediation": json.marshal({
 "before": sprintf("%s", [policy]),
@@ -39,7 +39,7 @@ CxPolicy[result] {
 "searchKey": sprintf("azurerm_kubernetes_cluster[%s].network_profile", [name]),
 "searchLine": common_lib.build_search_line(["resource","azurerm_kubernetes_cluster", name, "network_profile"], []),
 "issueType": "MissingAttribute",
- "keyExpectedValue": sprintf("'azurerm_kubernetes_cluster[%s].network_profile.network_policy' should be set to either 'azure' or 'calico'", [name]),
+ "keyExpectedValue": sprintf("'azurerm_kubernetes_cluster[%s].network_profile.network_policy' should be set to either 'azure', 'calico' or 'cilium'", [name]),
 "keyActualValue": sprintf("'azurerm_kubernetes_cluster[%s].network_profile.network_policy' is undefined", [name]),
 "remediation": "network_policy = \"azure\"",
 "remediationType": "addition",
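Review bot: The list of accepted values now lives in three places in query.rego: the `keyExpectedValue` string in this IncorrectValue rule, the matching string in the MissingAttribute rule (second hunk), and the `validPolicy(...)` facts at the end of the file. A later addition to the facts can leave both messages stale. A comment above the facts such as `# accepted network_policy values; keep the keyExpectedValue messages in both rules in sync` would make the coupling visible. The query's metadata description is not part of this diff and may still name only 'azure' and 'calico'. Both rule bodies start and end outside the hunks.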
@@ -67,3 +67,5 @@ CxPolicy[result] {
 validPolicy("azure") = true
 validPolicy("calico") = true
+
+validPolicy("cilium") = true
diff --git a/assets/queries/terraform/azure/aks_network_policy_misconfigured/test/negative.tf b/assets/queries/terraform/azure/aks_network_policy_misconfigured/test/negative.tf
index b77befa7c3e..effd8676d5a 100644
--- a/assets/queries/terraform/azure/aks_network_policy_misconfigured/test/negative.tf
+++ b/assets/queries/terraform/azure/aks_network_policy_misconfigured/test/negative.tf
@@ -46,4 +46,29 @@ resource "azurerm_kubernetes_cluster" "negative2" {
 network_profile {
 network_policy = "calico"
 }
+}
+
+resource "azurerm_kubernetes_cluster" "negative3" {
+ name = "example-aks3"
+ location = azurerm_resource_group.example.location
+ resource_group_name = azurerm_resource_group.example.name
+ dns_prefix = "exampleaks3"
+
+ default_node_pool {
+ name = "default"
+ node_count = 1
+ vm_size = "Standard_D2_v2"
+ }
+
+ identity {
+ type = "SystemAssigned"
+ }
+
+ tags = {
+ Environment = "Production"
+ }
+
+ network_profile {
+ network_policy = "cilium"
+ }
 }
\ No newline at end of file
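Review bot: `validPolicy("cilium") = true` in the last query.rego hunk accepts the value on the string alone, and nothing visible here says why that is safe to treat as a configured network policy. As far as I know the azurerm provider only accepts `network_policy = "cilium"` when the cluster's data plane is also cilium, so the value cannot be paired with a data plane that ignores it, but that is worth stating next to the fact: `# "cilium" is only accepted by the provider together with the Cilium data plane; this query checks the policy value only`. The rule that calls `validPolicy` lies outside the hunk, so whether the comparison is case-sensitive cannot be confirmed from here.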
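Review bot: The `negative3` resource in negative.tf sets `network_policy = "cilium"` with no other `network_profile` attributes, which is probably not a configuration the provider would accept (inferred from provider documentation, not from this diff). The query only reads the policy value, so the test still exercises the new fact, but fixtures tend to be copied as examples; consider adding `network_plugin = "azure"` and `network_data_plane = "cilium"` inside the block. The file also still ends without a trailing newline.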