diff --git a/grafana/templates/deployment.yaml b/grafana/templates/deployment.yaml
index b26451ffa..f792e06ab 100644
--- a/grafana/templates/deployment.yaml
+++ b/grafana/templates/deployment.yaml
@@ -43,7 +43,7 @@ spec:
       annotations:
         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
         configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
-{{ dict "envAll" $envAll "podName" "grafana" "containerNames" (list "grafana") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+{{ dict "envAll" $envAll "podName" "grafana" "containerNames" (list "grafana" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "dashboard" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
diff --git a/grafana/templates/job-add-home-dashboard.yaml b/grafana/templates/job-add-home-dashboard.yaml
index e874b7c47..ac191b384 100644
--- a/grafana/templates/job-add-home-dashboard.yaml
+++ b/grafana/templates/job-add-home-dashboard.yaml
@@ -31,6 +31,10 @@ spec:
     metadata:
       labels:
 {{ tuple $envAll "grafana" "add_home_dashboard" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+      annotations:
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+{{ dict "envAll" $envAll "podName" "grafana-add-home-dashboard" "containerNames" (list "add-home-dashboard" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
       serviceAccountName: {{ $serviceAccountName }}
       restartPolicy: OnFailure
diff --git a/grafana/templates/job-db-init-session.yaml b/grafana/templates/job-db-init-session.yaml
index 68064da19..26c9be38a 100644
--- a/grafana/templates/job-db-init-session.yaml
+++ b/grafana/templates/job-db-init-session.yaml
@@ -34,7 +34,7 @@ spec:
       annotations:
         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
         configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
-{{ dict "envAll" $envAll "podName" "grafana-db-init-session" "containerNames" (list "grafana-db-init-session") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+{{ dict "envAll" $envAll "podName" "grafana-db-init-session" "containerNames" (list "grafana-db-init-session" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "db_init" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
diff --git a/grafana/templates/job-db-init.yaml b/grafana/templates/job-db-init.yaml
index e976b8dfe..5f238137c 100644
--- a/grafana/templates/job-db-init.yaml
+++ b/grafana/templates/job-db-init.yaml
@@ -31,6 +31,10 @@ spec:
     metadata:
       labels:
 {{ tuple $envAll "grafana" "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+      annotations:
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+{{ dict "envAll" $envAll "podName" "grafana-db-init" "containerNames" (list "grafana-db-init" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "db_init" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
diff --git a/grafana/templates/job-db-session-sync.yaml b/grafana/templates/job-db-session-sync.yaml
index 5db8e1524..a5be82f2b 100644
--- a/grafana/templates/job-db-session-sync.yaml
+++ b/grafana/templates/job-db-session-sync.yaml
@@ -31,6 +31,10 @@ spec:
     metadata:
       labels:
 {{ tuple $envAll "grafana" "db-session-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+      annotations:
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+{{ dict "envAll" $envAll "podName" "grafana-db-session-sync" "containerNames" (list "grafana-db-session-sync" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "db_session_sync" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
diff --git a/grafana/templates/job-set-admin-user.yaml b/grafana/templates/job-set-admin-user.yaml
index a162cb1e9..0ae3420a6 100644
--- a/grafana/templates/job-set-admin-user.yaml
+++ b/grafana/templates/job-set-admin-user.yaml
@@ -31,6 +31,10 @@ spec:
     metadata:
       labels:
 {{ tuple $envAll "grafana" "set-admin-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+      annotations:
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+{{ dict "envAll" $envAll "podName" "grafana-set-admin-user" "containerNames" (list "grafana-set-admin-password" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "set_admin_user" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
diff --git a/grafana/values_overrides/apparmor.yaml b/grafana/values_overrides/apparmor.yaml
index f73531d9f..5de90355d 100644
--- a/grafana/values_overrides/apparmor.yaml
+++ b/grafana/values_overrides/apparmor.yaml
@@ -3,5 +3,19 @@ pod:
     type: apparmor
     grafana:
       grafana: runtime/default
+      init: runtime/default
     grafana-db-init-session:
       grafana-db-init-session: runtime/default
+      init: runtime/default
+    grafana-add-home-dashboard:
+      add-home-dashboard: runtime/default
+      init: runtime/default
+    grafana-db-init:
+      grafana-db-init: runtime/default
+      init: runtime/default
+    grafana-db-session-sync:
+      grafana-db-session-sync: runtime/default
+      init: runtime/default
+    grafana-set-admin-user:
+      grafana-set-admin-password: runtime/default
+      init: runtime/default
\ No newline at end of file