diff --git a/infrastructure/addons/cnpg/kustomization.yaml b/infrastructure/addons/cnpg/kustomization.yaml
index f676cfb..a242d32 100644
--- a/infrastructure/addons/cnpg/kustomization.yaml
+++ b/infrastructure/addons/cnpg/kustomization.yaml
@@ -6,5 +6,6 @@ resources:
   - rancher-db-password-externalsecret.yaml
   - postgres-cluster.yaml
   - cnpg-cluster-rw-svc.yaml
+  - role-b2-reader.yaml
   - rolebinding-b2-reader.yaml
   - pgdump-cronjob.yaml
\ No newline at end of file
diff --git a/infrastructure/addons/cnpg/role-b2-reader.yaml b/infrastructure/addons/cnpg/role-b2-reader.yaml
new file mode 100644
index 0000000..05ad598
--- /dev/null
+++ b/infrastructure/addons/cnpg/role-b2-reader.yaml
@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: rancher-db-b2-reader
+  namespace: cnpg-cluster
+rules:
+  - apiGroups: [""]
+    resources: ["secrets"]
+    resourceNames: ["b2-credentials"]
+    verbs: ["get", "list"]
\ No newline at end of file