diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml
index c51a3047a..33e5cae91 100644
--- a/kibana/templates/deployment.yaml
+++ b/kibana/templates/deployment.yaml
@@ -66,6 +66,7 @@ spec:
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
 configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
 configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+{{ dict "envAll" $envAll "podName" "kibana" "containerNames" (list "apache-proxy" "kibana" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
 spec:
 {{ dict "envAll" $envAll "application" "dashboard" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
 serviceAccountName: {{ $serviceAccountName }}
diff --git a/kibana/values_overrides/apparmor.yaml b/kibana/values_overrides/apparmor.yaml
new file mode 100644
index 000000000..a18dabe6f
--- /dev/null
+++ b/kibana/values_overrides/apparmor.yaml
@@ -0,0 +1,7 @@
+pod:
+ mandatory_access_control:
+ type: apparmor
+ kibana:
+ kibana: runtime/default
+ init: runtime/default
+ apache-proxy: runtime/default
diff --git a/tools/deployment/apparmor/090-elasticsearch.sh b/tools/deployment/apparmor/090-elasticsearch.sh
deleted file mode 100755
index f4cd8b2d9..000000000
--- a/tools/deployment/apparmor/090-elasticsearch.sh
+++ /dev/null
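Review bot: The `containerNames` list on the added annotation line in kibana/templates/deployment.yaml (`apache-proxy`, `kibana`, `init`) is a second copy of names that are also defined in the pod's container specs, which lie outside this hunk. If a container is renamed or a sidecar is added later, the AppArmor annotation would presumably stop covering it without a render error, and that container would run with whatever profile the runtime applies on its own. A template comment above the line, e.g. `{{/* containerNames must list every container and initContainer in this pod spec */}}`, would make the coupling visible. It is also worth confirming that kibana/values.yaml, which this diff does not touch, defines a default for `pod.mandatory_access_control` so the chart still renders when the override file is not used.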
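Review bot: Every container in kibana/values_overrides/apparmor.yaml is mapped to `runtime/default`, which is the container runtime's generic profile rather than one written for Kibana or the Apache proxy, and the file does not say so. A short header comment would set expectations, for example `# Baseline confinement only: runtime/default is the runtime's generic AppArmor profile; switch to localhost/<profile-name> once a dedicated profile is loaded on the nodes.` (`<profile-name>` is a placeholder). The keys under `pod.mandatory_access_control.kibana` also have to match the `containerNames` passed in templates/deployment.yaml, which is worth stating in the same comment. Starting the file with `---` would follow common YAML lint defaults, if the repository's other override files do the same.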
@@ -1,82 +0,0 @@
-#!/bin/bash
-
-# Copyright 2017 The Openstack-Helm Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-set -xe
-
-#NOTE: Lint and package chart
-make elasticsearch
-
-#NOTE: Deploy command
-tee /tmp/elasticsearch.yaml << EOF
-dependencies:
- static:
- tests:
- jobs: null
-storage:
- data:
- enabled: false
- master:
- enabled: false
-pod:
- mandatory_access_control:
- type: apparmor
- elasticsearch-master:
- elasticsearch-master: runtime/default
- elasticsearch-data:
- elasticsearch-data: runtime/default
- elasticsearch-client:
- elasticsearch-client: runtime/default
- replicas:
- client: 1
- data: 1
- master: 2
-conf:
- curator:
- schedule: "0 */6 * * *"
- action_file:
- actions:
- 1:
- action: delete_indices
- description: >-
- "Delete indices older than 365 days"
- options:
- timeout_override:
- continue_if_exception: False
- ignore_empty_list: True
- disable_action: True
- filters:
- - filtertype: pattern
- kind: prefix
- value: logstash-
- - filtertype: age
- source: name
- direction: older
- timestring: '%Y.%m.%d'
- unit: days
- unit_count: 365
-
-EOF
-helm upgrade --install elasticsearch ./elasticsearch \
- --namespace=osh-infra \
- --values=/tmp/elasticsearch.yaml
-
-#NOTE: Wait for deploy
-./tools/deployment/common/wait-for-pods.sh osh-infra
-
-#NOTE: Validate Deployment info
-helm status elasticsearch
-
-helm test elasticsearch
diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml
index 401542944..4ec50b107 100644
--- a/zuul.d/jobs.yaml
+++ b/zuul.d/jobs.yaml
@@ -284,13 +284,38 @@
 - ./tools/deployment/apparmor/075-prometheus-process-exporter.sh
 - ./tools/deployment/apparmor/080-grafana.sh
 - ./tools/deployment/apparmor/085-rabbitmq.sh
- - ./tools/deployment/apparmor/090-elasticsearch.sh
 - ./tools/deployment/apparmor/095-nagios.sh
 - ./tools/deployment/apparmor/100-fluentbit.sh
 - ./tools/deployment/apparmor/110-fluentd-daemonset.sh
 - ./tools/deployment/apparmor/120-openvswitch.sh
 - ./tools/deployment/apparmor/130-postgresql.sh
 
+- job:
+ name: openstack-helm-infra-aio-logging-apparmor
+ parent: openstack-helm-infra-functional
+ timeout: 7200
+ pre-run:
+ - playbooks/osh-infra-upgrade-host.yaml
+ - playbooks/osh-infra-deploy-selenium.yaml
+ run: playbooks/osh-infra-gate-runner.yaml
+ post-run: playbooks/osh-infra-collect-logs.yaml
+ nodeset: openstack-helm-single-node
+ vars:
+ osh_params:
+ container_distro_name: ubuntu
+ container_distro_version: bionic
+ feature_gates: apparmor
+ gate_scripts:
+ - ./tools/deployment/osh-infra-logging/000-install-packages.sh
+ - ./tools/deployment/osh-infra-logging/005-deploy-k8s.sh
+ - ./tools/deployment/osh-infra-logging/010-ingress.sh
+ - ./tools/deployment/osh-infra-logging/020-ceph.sh
+ - ./tools/deployment/osh-infra-logging/025-ceph-ns-activate.sh
+ - ./tools/deployment/osh-infra-logging/030-radosgw-osh-infra.sh
+ - ./tools/deployment/osh-infra-logging/040-ldap.sh
+ - ./tools/deployment/osh-infra-logging/050-elasticsearch.sh
+ - ./tools/deployment/osh-infra-logging/070-kibana.sh
+
 - job:
 name: openstack-helm-infra-metacontroller
 parent: openstack-helm-infra-functional
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index e55233375..67315cc47 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -41,6 +41,8 @@
 voting: false
 - openstack-helm-infra-apparmor:
 voting: false
+ - openstack-helm-infra-aio-logging-apparmor:
+ voting: false
 - openstack-helm-infra-local-storage:
 voting: false
 - openstack-helm-infra-metacontroller:
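Review bot: The new `openstack-helm-infra-aio-logging-apparmor` job in zuul.d/jobs.yaml has no entry in `gate_scripts` that checks the AppArmor profile on the running pods, so as far as this hunk shows the job passes whenever Elasticsearch and Kibana deploy, even if the annotation was never rendered. The removed 090-elasticsearch.sh set the Elasticsearch profiles inline, whereas this job presumably relies on `feature_gates: apparmor` to pick up per-chart override files; only the Kibana override is added in this commit, so an Elasticsearch override must already exist for that chart to stay covered. Consider appending a verification step, e.g. `- ./tools/deployment/osh-infra-logging/<NNN-verify-apparmor>.sh` (placeholder name), that fails when a container lacks the expected `container.apparmor.security.beta.kubernetes.io/<container>` annotation. The contents of 050-elasticsearch.sh and 070-kibana.sh are outside this diff, so they may already cover part of this.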