diff --git a/config/crd/bases/falcon.crowdstrike.com_falconnodesensors.yaml b/config/crd/bases/falcon.crowdstrike.com_falconnodesensors.yaml
index 844d266a..9c011104 100644
--- a/config/crd/bases/falcon.crowdstrike.com_falconnodesensors.yaml
+++ b/config/crd/bases/falcon.crowdstrike.com_falconnodesensors.yaml
@@ -145,8 +145,7 @@ spec: type: boolean image: description: Location of the Falcon Sensor image. Use only in - cases when you mirror the original image to your repository/name:tag, - and CrowdStrike OAuth2 API is not used. + cases when you mirror the original image to your repository/name:tag pattern: ^.*:.*$ type: string imagePullPolicy:
diff --git a/controllers/admission/falconadmission_controller.go b/controllers/admission/falconadmission_controller.go
index e3204a08..f63c577c 100644
--- a/controllers/admission/falconadmission_controller.go
+++ b/controllers/admission/falconadmission_controller.go
@@ -42,8 +42,6 @@ type FalconAdmissionReconciler struct { Scheme *runtime.Scheme } -const nsTest = "falcon-kac" - // SetupWithManager sets up the controller with the Manager. func (r *FalconAdmissionReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr).
diff --git a/deploy/falcon-operator.yaml b/deploy/falcon-operator.yaml
index e1381e02..97dbf87f 100644
--- a/deploy/falcon-operator.yaml
+++ b/deploy/falcon-operator.yaml
@@ -2702,8 +2702,7 @@ spec: type: boolean image: description: Location of the Falcon Sensor image. Use only in - cases when you mirror the original image to your repository/name:tag, - and CrowdStrike OAuth2 API is not used. + cases when you mirror the original image to your repository/name:tag pattern: ^.*:.*$ type: string imagePullPolicy:
diff --git a/internal/controller/assets/rbac_test.go b/internal/controller/assets/rbac_test.go
index 4890ad38..4d180107 100644
--- a/internal/controller/assets/rbac_test.go
+++ b/internal/controller/assets/rbac_test.go
@@ -86,6 +86,23 @@ func TestRole(t *testing.T) {
 Namespace: namespace,
 Labels: common.CRLabels("role", name, common.FalconAdmissionController),
 },
+ Rules: []rbacv1.PolicyRule{
+ {
+ Verbs: []string{"create", "get", "list", "watch", "update"},
+ APIGroups: []string{""},
+ Resources: []string{"configmaps"},
+ },
+ {
+ Verbs: []string{"get", "list", "watch", "update"},
+ APIGroups: []string{""},
+ Resources: []string{"pods"},
+ },
+ {
+ Verbs: []string{"get", "list", "watch", "create", "update", "delete"},
+ APIGroups: []string{"coordination.k8s.io"},
+ Resources: []string{"leases"},
+ },
+ },
 }
 got := Role(name, namespace)
 if diff := cmp.Diff(want, got); diff != "" {
@@ -107,8 +124,9 @@ func TestRoleBinding(t *testing.T) {
 Kind: "RoleBinding",
 },
 ObjectMeta: metav1.ObjectMeta{
- Name: name,
- Labels: common.CRLabels("rolebinding", name, component),
+ Name: name,
+ Labels: common.CRLabels("rolebinding", name, component),
+ Namespace: namespace,
 },
 Subjects: []rbacv1.Subject{
 {
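Review bot: The three rules added to `want` in TestRole pin the admission controller's Role as a bare list of verbs, with nothing recording why each grant is needed, so a later widening of the Role would read as a routine test update. A short comment above each rule naming its consumer would help, e.g. `// leader election lease` above the `coordination.k8s.io` rule; that purpose is inferred here and should be confirmed against Role(), whose body is not part of this diff. As written, `update` on `pods` and `create`/`update` on `configmaps` apply to every object of that kind in the namespace; if the object names are fixed, `ResourceNames` could narrow the get/update/delete verbs. TestRole starts before the hunk and continues after it.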