diff --git a/stage-maker/cluster-role.yaml b/stage-maker/cluster-role.yaml
new file mode 100644
index 0000000..9f3fef8
--- /dev/null
+++ b/stage-maker/cluster-role.yaml
@@ -0,0 +1,36 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: stage-editor-role
+rules:
+- apiGroups:
+ - ontime.getontime.no
+ resources:
+ - stages
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - ontime.getontime.no
+ resources:
+ - stages/status
+ verbs:
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: edit-stages-clusterrolebinding
+subjects:
+- kind: ServiceAccount
+ name: stage-editor
+ namespace: stage-maker
+roleRef:
+ kind: ClusterRole
+ name: stage-editor-role
+ apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/stage-maker/kustomization.yaml b/stage-maker/kustomization.yaml
index 89fc68d..d77e21b 100644
--- a/stage-maker/kustomization.yaml
+++ b/stage-maker/kustomization.yaml
@@ -1,3 +1,5 @@
 resources:
 - namespace.yaml
- - pod.yaml
\ No newline at end of file
+ - pod.yaml
+ - cluster-role.yaml
+ - service-account.yaml
diff --git a/stage-maker/pod.yaml b/stage-maker/pod.yaml
index 341a9b1..2def5d5 100644
--- a/stage-maker/pod.yaml
+++ b/stage-maker/pod.yaml
@@ -4,6 +4,7 @@ metadata:
 name: stage-maker
 namespace: stage-maker
 spec:
+ serviceAccountName: stage-editor
 containers:
 - name: stage-maker
 image: git.jwetzell.com/jwetzell/stage-maker:v0.0.1
\ No newline at end of file
diff --git a/stage-maker/service-account.yaml b/stage-maker/service-account.yaml
new file mode 100644
index 0000000..b1f61c8
--- /dev/null
+++ b/stage-maker/service-account.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: stage-editor
+ namespace: stage-maker
\ No newline at end of file
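Review bot: The `ClusterRoleBinding` in stage-maker/cluster-role.yaml grants the `stage-editor` ServiceAccount create, delete, patch and update on `stages` in every namespace, which may be wider than one pod in `stage-maker` needs. If the Stage CRD is namespaced (the diff does not show its scope), the same ClusterRole can be bound with a namespaced `kind: RoleBinding` that sets `namespace: <target-namespace>` in its metadata, one per namespace the pod has to manage, so a leaked token cannot change stages elsewhere. If cluster-wide access is intended, a comment above the binding such as `# stage-maker manages Stage objects in all namespaces` would record that decision for later reviewers.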
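Review bot: With `serviceAccountName: stage-editor` the container in stage-maker/pod.yaml gets, by default, a mounted API token that can write `stages`, yet the container spec visible in this hunk has no `securityContext`. Adding `securityContext:` with `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` under the `stage-maker` container would limit what a compromised process can do alongside that token; `runAsNonRoot: true` is worth adding as well if the image supports it, which the diff does not show. The image is referenced by the tag `v0.0.1` rather than a digest, so pinning it with `@sha256:<digest>` would fix which build receives these credentials.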