diff --git a/dashboard/deployment.yaml b/dashboard/deployment.yaml
index 54ded59..360f1fa 100644
--- a/dashboard/deployment.yaml
+++ b/dashboard/deployment.yaml
@@ -79,4 +79,28 @@ spec:
     - port: 443
       targetPort: 8443
   selector:
-    k8s-app: kubernetes-dashboard
\ No newline at end of file
+    k8s-app: kubernetes-dashboard
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: dashboard-csrf-access
+  namespace: kube-system
+rules:
+- apiGroups: [""]
+  resources: ["secrets"]
+  verbs: ["get", "update", "create"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: dashboard-csrf-access
+  namespace: kube-system
+subjects:
+- kind: ServiceAccount
+  name: kubernetes-dashboard
+  namespace: kubernetes-dashboard
+roleRef:
+  kind: Role
+  name: dashboard-csrf-access
+  apiGroup: rbac.authorization.k8s.io
\ No newline at end of file