diff --git a/rootfs/templates/kops/default.yaml b/rootfs/templates/kops/default.yaml
index 4bb7233eb..67c07e38c 100644
--- a/rootfs/templates/kops/default.yaml
+++ b/rootfs/templates/kops/default.yaml
@@ -54,6 +54,20 @@ spec:
     authenticationTokenWebhookConfigFile: /srv/kubernetes/aws-iam-authenticator/kubeconfig.yaml
     {{- end }}
   {{- end }}
+  {{- if bool (getenv "KOPS_ADMISSION_CONTROL_ENABLED" "true") }}
+    admissionControl:
+    - NamespaceLifecycle
+    - LimitRanger
+    - ServiceAccount
+    - PersistentVolumeLabel
+    - DefaultStorageClass
+    - DefaultTolerationSeconds
+    - MutatingAdmissionWebhook
+    - ValidatingAdmissionWebhook
+    - ResourceQuota
+    - NodeRestriction
+    - Priority
+  {{- end }}
   authorization:
     {{- if bool (getenv "KOPS_AUTHORIZATION_RBAC_ENABLED" "false") }}
     rbac: {}