diff --git a/controllers/argocd/openshift/openshift.go b/controllers/argocd/openshift/openshift.go
index 9b9c6095b..64b0f79f1 100644
--- a/controllers/argocd/openshift/openshift.go
+++ b/controllers/argocd/openshift/openshift.go
@@ -333,6 +333,17 @@ func policyRulesForClusterConfig() []rbacv1.PolicyRule {
 				"*",
 			},
 		},
+		{
+			APIGroups: []string{
+				"",
+			},
+			Resources: []string{
+				"serviceaccounts",
+			},
+			Verbs: []string{
+				"impersonate",
+			},
+		},
 	}
 }
 
diff --git a/controllers/argocd/openshift/openshift_test.go b/controllers/argocd/openshift/openshift_test.go
index 042ac42ce..a0b2f6c0a 100644
--- a/controllers/argocd/openshift/openshift_test.go
+++ b/controllers/argocd/openshift/openshift_test.go
@@ -45,8 +45,7 @@ func TestReconcileArgoCD_reconcileMultipleClusterRoles(t *testing.T) {
 	a := makeTestArgoCDForClusterConfig()
 	testApplicableClusterRole := &rbacv1.ClusterRole{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      a.Name + "-" + a.Namespace + "-" + testApplicationController,
-			Namespace: a.Namespace,
+			Name: a.Name + "-" + a.Namespace + "-" + testApplicationController,
 		},
 		Rules: makeTestPolicyRules(),
 	}