diff --git a/pkg/controlplane/components/eso_component.go b/pkg/controlplane/components/eso_component.go
index 5d9694e..71a73dd 100644
--- a/pkg/controlplane/components/eso_component.go
+++ b/pkg/controlplane/components/eso_component.go
@@ -39,17 +39,32 @@ func (e *ExternalSecretsOperator) GetPolicyRules() PolicyRules {
 			{
 				APIGroups: []string{"external-secrets.io"},
 				Resources: []string{
-					"externalsecrets",
-					"secretstores",
+					"clusterexternalsecrets",
+					"clusterpushsecrets",
 					"clustersecretstores",
+					"externalsecrets",
 					"pushsecrets",
+					"secretstores",
 				},
 				Verbs: VerbsAdmin,
 			},
 			{
 				APIGroups: []string{"generators.external-secrets.io"},
 				Resources: []string{
+					"acraccesstokens",
+					"clustergenerators",
+					"ecrauthorizationtokens",
+					"fakes",
+					"gcraccesstokens",
+					"generatorstates",
+					"githubaccesstokens",
+					"grafanas",
+					"passwords",
+					"quayaccesstokens",
+					"stssessiontokens",
+					"uuids",
 					"vaultdynamicsecrets",
+					"webhooks",
 				},
 				Verbs: VerbsAdmin,
 			},
@@ -58,17 +73,32 @@ func (e *ExternalSecretsOperator) GetPolicyRules() PolicyRules {
 			{
 				APIGroups: []string{"external-secrets.io"},
 				Resources: []string{
-					"externalsecrets",
-					"secretstores",
+					"clusterexternalsecrets",
+					"clusterpushsecrets",
 					"clustersecretstores",
+					"externalsecrets",
 					"pushsecrets",
+					"secretstores",
 				},
 				Verbs: VerbsView,
 			},
 			{
 				APIGroups: []string{"generators.external-secrets.io"},
 				Resources: []string{
+					"acraccesstokens",
+					"clustergenerators",
+					"ecrauthorizationtokens",
+					"fakes",
+					"gcraccesstokens",
+					"generatorstates",
+					"githubaccesstokens",
+					"grafanas",
+					"passwords",
+					"quayaccesstokens",
+					"stssessiontokens",
+					"uuids",
 					"vaultdynamicsecrets",
+					"webhooks",
 				},
 				Verbs: VerbsView,
 			},