diff --git a/src/main/k8s/dev/BUILD.bazel b/src/main/k8s/dev/BUILD.bazel
index 67136a60f35..ea4704db83b 100644
--- a/src/main/k8s/dev/BUILD.bazel
+++ b/src/main/k8s/dev/BUILD.bazel
@@ -497,3 +497,50 @@ cue_dump(
         "//src/main/k8s:open_telemetry",
     ],
 )
+
+cue_library(
+    name = "measurement_system_prober_cue",
+    srcs = ["measurement_system_prober_gke.cue"],
+    deps = [
+        ":config",
+        "//src/main/k8s:measurement_system_prober",
+    ],
+)
+
+cue_dump(
+    name = "measurement_system_prober_gke",
+    srcs = ["measurement_system_prober_gke.cue"],
+    cue_tags = {
+        "mc_name": SIMULATOR_K8S_SETTINGS.mc_name,
+        "mc_api_key": SIMULATOR_K8S_SETTINGS.mc_api_key,
+        "container_registry": IMAGE_REPOSITORY_SETTINGS.container_registry,
+        "image_repo_prefix": IMAGE_REPOSITORY_SETTINGS.repository_prefix,
+        "image_tag": IMAGE_REPOSITORY_SETTINGS.image_tag,
+        "secret_name": SECRET_NAME,
+        "edp1_name": SIMULATOR_K8S_SETTINGS.edp1_name,
+        "edp2_name": SIMULATOR_K8S_SETTINGS.edp2_name,
+    },
+    tags = ["manual"],
+    deps = [
+        ":measurement_system_prober_cue",
+        "//src/main/k8s:measurement_system_prober",
+    ],
+)
+
+kustomization_dir(
+    name = "measurement_system_prober_secret",
+    srcs = ["measurement_system_prober_secret_kustomization.yaml"],
+    renames = {"measurement_system_prober_secret_kustomization.yaml": "kustomization.yaml"},
+)
+
+kustomization_dir(
+    name = "measurement_system_prober",
+    srcs = [
+        ":measurement_system_prober_gke",
+    ],
+    generate_kustomization = True,
+    tags = ["manual"],
+    deps = [
+        ":measurement_system_prober_secret",
+    ],
+)
diff --git a/src/main/k8s/dev/measurement_system_prober_gke.cue b/src/main/k8s/dev/measurement_system_prober_gke.cue
new file mode 100644
index 00000000000..37c5d8f7cad
--- /dev/null
+++ b/src/main/k8s/dev/measurement_system_prober_gke.cue
@@ -0,0 +1,20 @@
+package k8s
+
+_secret_name:      string @tag("secret_name")
+_mc_resource_name: string @tag("mc_name")
+_mc_api_key:       string @tag("mc_api_key")
+_edp1:             string @tag("edp1_name")
+_edp2:             string @tag("edp2_name")
+
+#KingdomPublicApiTarget: (#Target & {name: "v2alpha-public-api-server"}).target
+
+objectSets: [ for objectSet in measurementSystemProber {objectSet}]
+
+measurementSystemProber: #MeasurementSystemProber & {
+	_mcName:                   _mc_resource_name
+	_apiKey:                   _mc_api_key
+	_secretName:               _secret_name
+	_verboseGrpcClientLogging: true
+	_edpResourceNames: [_edp1, _edp2]
+	_kingdomPublicApiTarget: #KingdomPublicApiTarget
+}
diff --git a/src/main/k8s/dev/measurement_system_prober_secret_kustomization.yaml b/src/main/k8s/dev/measurement_system_prober_secret_kustomization.yaml
new file mode 100644
index 00000000000..cbf9e197221
--- /dev/null
+++ b/src/main/k8s/dev/measurement_system_prober_secret_kustomization.yaml
@@ -0,0 +1,21 @@
+# Copyright 2024 The Cross-Media Measurement Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+secretGenerator:
+  - name: certs-and-configs
+    files:
+      - mc_cs_private.der
+      - mc_tls.pem
+      - mc_tls.key
+      - all_root_certs.pem
\ No newline at end of file
diff --git a/src/main/k8s/kingdom.cue b/src/main/k8s/kingdom.cue
index a053e3b29fa..5f00cfec5e9 100644
--- a/src/main/k8s/kingdom.cue
+++ b/src/main/k8s/kingdom.cue
@@ -258,7 +258,6 @@ import ("strings")
 				"pending-measurements-cancellation-app",
 				"exchanges-deletion-app",
 				"operational-metrics-app",
-				"measurement-system-prober-app",
 			]
 			_egresses: {
 				// Need to send external traffic to Spanner.
diff --git a/src/main/k8s/local/BUILD.bazel b/src/main/k8s/local/BUILD.bazel
index 39e3d76b4f3..7cbf7e6b18d 100644
--- a/src/main/k8s/local/BUILD.bazel
+++ b/src/main/k8s/local/BUILD.bazel
@@ -209,10 +209,6 @@ cue_dump(
         "secret_name": SECRET_NAME,
         "edp1_name": TEST_K8S_SETTINGS.edp1_name,
         "edp2_name": TEST_K8S_SETTINGS.edp2_name,
-        "edp3_name": TEST_K8S_SETTINGS.edp3_name,
-        "edp4_name": TEST_K8S_SETTINGS.edp4_name,
-        "edp5_name": TEST_K8S_SETTINGS.edp5_name,
-        "edp6_name": TEST_K8S_SETTINGS.edp6_name,
     },
     tags = ["manual"],
     deps = [
diff --git a/src/main/k8s/local/measurement_system_prober.cue b/src/main/k8s/local/measurement_system_prober.cue
index 810ccf4233e..a280db6c999 100644
--- a/src/main/k8s/local/measurement_system_prober.cue
+++ b/src/main/k8s/local/measurement_system_prober.cue
@@ -5,10 +5,7 @@ _mc_resource_name: string @tag("mc_name")
 _mc_api_key:       string @tag("mc_api_key")
 _edp1:             string @tag("edp1_name")
 _edp2:             string @tag("edp2_name")
-_edp3:             string @tag("edp3_name")
-_edp4:             string @tag("edp4_name")
-_edp5:             string @tag("edp5_name")
-_edp6:             string @tag("edp6_name")
+_edp_resource_names: [_edp1, _edp2]
 
 #KingdomPublicApiTarget: (#Target & {name: "v2alpha-public-api-server"}).target
 
@@ -19,11 +16,6 @@ measurementSystemProber: #MeasurementSystemProber & {
 	_apiKey:                   _mc_api_key
 	_secretName:               _secret_name
 	_verboseGrpcClientLogging: true
-	_edp1Name:                 _edp1
-	_edp2Name:                 _edp2
-	_edp3Name:                 _edp3
-	_edp4Name:                 _edp4
-	_edp5Name:                 _edp5
-	_edp6Name:                 _edp6
+	_edpResourceNames:         _edp_resource_names
 	_kingdomPublicApiTarget:   #KingdomPublicApiTarget
 }
diff --git a/src/main/k8s/measurement_system_prober.cue b/src/main/k8s/measurement_system_prober.cue
index a65981b7d4a..08e4bf2103f 100644
--- a/src/main/k8s/measurement_system_prober.cue
+++ b/src/main/k8s/measurement_system_prober.cue
@@ -20,16 +20,11 @@ import ("strings")
 	_mcName:            string
 	_privateKeyDerFile: string
 	_apiKey:            string
-	_edp1Name:          string
-	_edp2Name:          string
-	_edp3Name:          string
-	_edp4Name:          string
-	_edp5Name:          string
-	_edp6Name:          string
-	_edpResourceNames: [_edp1Name, _edp2Name, _edp3Name, _edp4Name, _edp5Name, _edp6Name]
+	_edpResourceNames: [...string]
 	_verboseGrpcClientLogging: bool | *false
 	_kingdomPublicApiTarget:   string
 	_secretName:               string
+	let SecretName = _secretName
 
 	_privateKeyDerFileFlag:             "--private-key-der-file=/var/run/secrets/files/mc_cs_private.der"
 	_tlsCertFileFlag:                   "--tls-cert-file=/var/run/secrets/files/mc_tls.pem"
@@ -58,7 +53,7 @@ import ("strings")
 
 	cronJobs: [Name=_]: #CronJob & {
 		_name:       strings.TrimSuffix(Name, "-cronjob")
-		_secretName: _secretName
+		_secretName: SecretName
 		_system:     "kingdom"
 		_container: {
 			image: _images[_name]
@@ -78,14 +73,24 @@ import ("strings")
 				_kingdomPublicApiCertHostFlag,
 				"--measurement-lookback-duration=1d",
 				"--duration-between-measurements=1d",
-				"--data-provider=\(_edp1Name)",
-				"--data-provider=\(_edp2Name)",
-				"--data-provider=\(_edp3Name)",
-				"--data-provider=\(_edp4Name)",
-				"--data-provider=\(_edp5Name)",
-				"--data-provider=\(_edp6Name)",
+				for edp in _edpResourceNames {
+					"--data-provider=\(edp)"
+				},
 			]
 			spec: schedule: "* * * * *"
 		}
 	}
+
+	networkPolicies: [Name=_]: #NetworkPolicy & {
+		_name: Name
+	}
+
+	networkPolicies: {
+		"measurement-system-prober": {
+			_app_label: "measurement-system-prober-app"
+			_destinationMatchLabels: [
+				"v2alpha-public-api-server-app",
+			]
+		}
+	}
 }