diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 8685c2f..ab40ef2 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -109,3 +109,55 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - rbac
+  resources:
+  - rolebindings
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - rbac
+  resources:
+  - rolebindings/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - rbac
+  resources:
+  - rolebindings/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - rbac
+  resources:
+  - roles
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - rbac
+  resources:
+  - roles/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - rbac
+  resources:
+  - roles/status
+  verbs:
+  - get
+  - patch
+  - update
diff --git a/controllers/namespace_controller.go b/controllers/namespace_controller.go
index 2868d5f..3fc5351 100644
--- a/controllers/namespace_controller.go
+++ b/controllers/namespace_controller.go
@@ -48,6 +48,12 @@ type NamespaceReconciler struct {
 //+kubebuilder:rbac:groups=rbac,resources=clusterrolebindings,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=rbac,resources=clusterrolebindings/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=rbac,resources=clusterrolebindings/finalizers,verbs=update
+//+kubebuilder:rbac:groups=rbac,resources=roles,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups=rbac,resources=roles/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups=rbac,resources=roles/finalizers,verbs=update
+//+kubebuilder:rbac:groups=rbac,resources=rolebindings,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups=rbac,resources=rolebindings/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups=rbac,resources=rolebindings/finalizers,verbs=update
 //+kubebuilder:rbac:groups=aws.crossplane.io,resources=providerconfigs,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=aws.crossplane.io,resources=providerconfigs/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=aws.crossplane.io,resources=providerconfigs/finalizers,verbs=update