diff --git a/manifests/rbac/cluster_role.yaml b/manifests/bases/kustomize-controller/cluster_role.yaml
similarity index 55%
rename from manifests/rbac/cluster_role.yaml
rename to manifests/bases/kustomize-controller/cluster_role.yaml
index 9ce30d9129c5d0de8d1ad1e0ffd2cc2a6950ee5a..256b1ed528524eb4c9e8317c6929fd1838448a0a 100644
--- a/manifests/rbac/cluster_role.yaml
+++ b/manifests/bases/kustomize-controller/cluster_role.yaml
@@ -1,13 +1,8 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
+apiVersion: v1
+kind: ServiceAccount
 metadata:
   name: cluster-reconciler
-rules:
-  - apiGroups: ['*']
-    resources: ['*']
-    verbs: ['*']
-  - nonResourceURLs: ['*']
-    verbs: ['*']
+  namespace: system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -16,8 +11,8 @@ metadata:
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: cluster-reconciler
+  name: cluster-admin
 subjects:
   - kind: ServiceAccount
-    name: default
+    name: cluster-reconciler
     namespace: system
diff --git a/manifests/bases/kustomize-controller/kustomization.yaml b/manifests/bases/kustomize-controller/kustomization.yaml
index 2640d449befe3ea30ede3c4ee0f880ff719a3fb2..e05233b8ed7a5bde8fe8dbd56c43d2b1855eecae 100644
--- a/manifests/bases/kustomize-controller/kustomization.yaml
+++ b/manifests/bases/kustomize-controller/kustomization.yaml
@@ -1,5 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- github.com/fluxcd/kustomize-controller/config//crd?ref=v0.0.1-alpha.5
-- github.com/fluxcd/kustomize-controller/config//manager?ref=v0.0.1-alpha.5
+- github.com/fluxcd/kustomize-controller/config//crd?ref=v0.0.1-alpha.6
+- github.com/fluxcd/kustomize-controller/config//manager?ref=v0.0.1-alpha.6
+- cluster_role.yaml
+patchesStrategicMerge:
+- patch.yaml
diff --git a/manifests/bases/kustomize-controller/patch.yaml b/manifests/bases/kustomize-controller/patch.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..44bbf5bb69a856aff83bfae9a0118363e1d1942f
--- /dev/null
+++ b/manifests/bases/kustomize-controller/patch.yaml
@@ -0,0 +1,8 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kustomize-controller
+spec:
+  template:
+    spec:
+      serviceAccountName: cluster-reconciler
diff --git a/manifests/rbac/kustomization.yaml b/manifests/rbac/kustomization.yaml
index ea165a8f556f1d2316c9691d1dcc4e20d36e51af..4f84bb688bcc6e3242b7f9be430c6355c9df9046 100644
--- a/manifests/rbac/kustomization.yaml
+++ b/manifests/rbac/kustomization.yaml
@@ -1,5 +1,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - cluster_role.yaml
   - role.yaml