diff --git a/jenkins/jenkins.yaml b/jenkins/jenkins.yaml
index 40656b7..d89052b 100644
--- a/jenkins/jenkins.yaml
+++ b/jenkins/jenkins.yaml
@@ -43,6 +43,22 @@ spec:
     requests:
       storage: 20Gi
 
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: jenkins
+  namespace: jenkins
+rules:
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -59,6 +75,20 @@ rules:
   verbs:
   - '*'
 
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: jenkins
+  namespace: jenkins
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: jenkins
+subjects:
+- kind: ServiceAccount
+  name: jenkins
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding