diff --git a/flux/olympus/apps/flux-system/kustomization.yaml b/flux/olympus/apps/flux-system/kustomization.yaml
index 7fb77f6..29912db 100644
--- a/flux/olympus/apps/flux-system/kustomization.yaml
+++ b/flux/olympus/apps/flux-system/kustomization.yaml
@@ -1,5 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
+  - rbac.yaml
   - external-secret.yaml
   - weave-gitops-dashboard.yaml
diff --git a/flux/olympus/apps/flux-system/rbac.yaml b/flux/olympus/apps/flux-system/rbac.yaml
new file mode 100644
index 0000000..ac28215
--- /dev/null
+++ b/flux/olympus/apps/flux-system/rbac.yaml
@@ -0,0 +1,39 @@
+---
+# Admin cluster role
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: wego-admin-cluster-role
+rules:
+  - apiGroups: [""]
+    resources: ["secrets", "pods" ]
+    verbs: [ "get", "list" ]
+  - apiGroups: ["apps"]
+    resources: [ "deployments", "replicasets"]
+    verbs: [ "get", "list" ]
+  - apiGroups: ["kustomize.toolkit.fluxcd.io"]
+    resources: [ "kustomizations" ]
+    verbs: [ "get", "list", "patch" ]
+  - apiGroups: ["helm.toolkit.fluxcd.io"]
+    resources: [ "helmreleases" ]
+    verbs: [ "get", "list", "patch" ]
+  - apiGroups: ["source.toolkit.fluxcd.io"]
+    resources: [ "buckets", "helmcharts", "gitrepositories", "helmrepositories", "ocirepositories" ]
+    verbs: [ "get", "list", "patch" ]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["get", "watch", "list"]
+---
+# Bind the cluster admin role to admins
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: wego-cluster-admin
+subjects:
+- kind: User
+  name: "victor@xirion.net"
+  apiGroup: rbac.authorization.k8s.io
+roleRef:
+  kind: ClusterRole
+  name: wego-admin-cluster-role
+  apiGroup: rbac.authorization.k8s.io