diff --git a/k8s/apps/n8n/rbac.yaml b/k8s/apps/n8n/rbac.yaml
index 05450cb..77de2b1 100644
--- a/k8s/apps/n8n/rbac.yaml
+++ b/k8s/apps/n8n/rbac.yaml
@@ -9,19 +9,27 @@ kind: ClusterRole
 metadata:
   name: n8n-clusterrole
 rules:
-- apiGroups:
-  - ""
-  resources:
-  - pods
-  - jobs
-  - cronjobs
-  - deployments
-  - statefulsets
-  verbs:
-  - get
-  - list
-  - watch
-  - create
+  # Core API group ("")
+  - apiGroups: [""]
+    resources: ["*"]
+    verbs: ["get", "list", "watch"]
+
+  # Common built-in API groups
+  - apiGroups: ["apps", "batch", "autoscaling", "extensions", "policy"]
+    resources: ["*"]
+    verbs: ["get", "list", "watch"]
+
+  - apiGroups: ["networking.k8s.io", "rbac.authorization.k8s.io", "apiextensions.k8s.io"]
+    resources: ["*"]
+    verbs: ["get", "list", "watch"]
+
+  - apiGroups: ["coordination.k8s.io", "discovery.k8s.io", "events.k8s.io"]
+    resources: ["*"]
+    verbs: ["get", "list", "watch"]
+
+  - apiGroups: ["storage.k8s.io", "admissionregistration.k8s.io", "authentication.k8s.io", "authorization.k8s.io"]
+    resources: ["*"]
+    verbs: ["get", "list", "watch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding