diff --git a/cmd/provider/main.go b/cmd/provider/main.go index acbdccf..39c9a70 100644 --- a/cmd/provider/main.go +++ b/cmd/provider/main.go @@ -56,6 +56,7 @@ func main() { namespace = app.Flag("namespace", "Namespace used to set as default scope in default secret store config.").Default("crossplane-system").Envar("POD_NAMESPACE").String() enableExternalSecretStores = app.Flag("enable-external-secret-stores", "Enable support for ExternalSecretStores.").Default("false").Envar("ENABLE_EXTERNAL_SECRET_STORES").Bool() + enableManagementPolicies = app.Flag("enable-management-policies", "Enable support for ManagementPolicies.").Default("true").Envar("ENABLE_MANAGEMENT_POLICIES").Bool( ) kingpin.MustParse(app.Parse(os.Args[1:])) @@ -105,12 +106,27 @@ func main() { OperationTrackerStore: upcontroller.NewOperationStore(log), } + if *enableManagementPolicies { + o.Features.Enable(features.EnableBetaManagementPolicies) + log.Info("Beta feature enabled", "flag", features.EnableBetaManagementPolicies) + } + if *enableExternalSecretStores { o.SecretStoreConfigGVK = &v1alpha1.StoreConfigGroupVersionKind log.Info("Alpha feature enabled", "flag", features.EnableAlphaExternalSecretStores) + o.ESSOptions = &tjcontroller.ESSOptions{} + if *essTLSCertsPath != "" { + log.Info("ESS TLS certificates path is set. Loading mTLS configuration.") + tCfg, err := certificates.LoadMTLSConfig(filepath.Join(*essTLSCertsPath, "ca.crt"), filepath.Join(*essTLSCertsPath, "tls.crt"), filepath.Join(*essTLS +CertsPath, "tls.key"), false) + kingpin.FatalIfError(err, "Cannot load ESS TLS config.") + + o.ESSOptions.TLSConfig = tCfg + } + // Ensure default store config exists. - kingpin.FatalIfError(resource.Ignore(kerrors.IsAlreadyExists, mgr.GetClient().Create(context.Background(), &v1alpha1.StoreConfig{ + kingpin.FatalIfError(resource.Ignore(kerrors.IsAlreadyExists, mgr.GetClient().Create(ctx, &v1alpha1.StoreConfig{ ObjectMeta: metav1.ObjectMeta{ Name: "default", }, 
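Review bot: The help text for `enable-management-policies` does not say that the gate is a beta feature or that it is on by default, although `.Default("true")` activates it on every deployment that does not override it; the neighbouring `enable-external-secret-stores` defaults to `false`. I would put that in the description, e.g. `"Enable support for ManagementPolicies (beta, enabled by default)."`, so operators reading `--help` know the gate must be turned off explicitly. The flag block and `main` both extend outside this hunk.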
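Review bot: When `*enableExternalSecretStores` is true but `*essTLSCertsPath` is empty, `o.ESSOptions` is left without a `TLSConfig` and nothing is logged, so the provider presumably reaches the secret store plugin without mTLS and the operator gets no signal. I would make that state visible with an `else` on the path check, `} else { log.Info("ESS TLS certificates path is not set. ESS connection will not use mTLS.") }`, or treat it as a startup error if an unauthenticated connection is never intended. The trailing `false` passed to `certificates.LoadMTLSConfig` also deserves a short comment saying which side of the connection it configures. `essTLSCertsPath` and `ctx` are used here but declared outside the visible hunks, and `main` continues past this one.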
@@ -121,6 +137,7 @@ func main() { DefaultScope: *namespace, }, }, + Status: v1alpha.StoreConfigStatus{}, })), "cannot create default store config") }
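Review bot: The added field is qualified with `v1alpha`, while the `StoreConfig` literal it belongs to and the GVK in the previous hunk both use `v1alpha1`. Unless an import alias `v1alpha` exists outside the visible hunks, this will not compile. It should read `Status: v1alpha1.StoreConfigStatus{},`, or the line can be dropped, since an empty struct literal is already the field's zero value. `main` begins and ends outside this hunk.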