diff --git a/cluster/charts/rook-ceph/templates/clusterrole.yaml b/cluster/charts/rook-ceph/templates/clusterrole.yaml
index 790a83b87c34..dc62d8fea516 100644
--- a/cluster/charts/rook-ceph/templates/clusterrole.yaml
+++ b/cluster/charts/rook-ceph/templates/clusterrole.yaml
@@ -183,6 +183,7 @@ rules:
   - configmaps
   - nodes
   - nodes/proxy
+  - persistentvolumes
   verbs:
   - get
   - list
@@ -197,6 +198,14 @@ rules:
   - list
   - get
   - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - get
+  - list
+  - watch
 ---
 # Aspects of ceph-mgr that require access to the system namespace
 kind: ClusterRole
diff --git a/cluster/examples/kubernetes/ceph/common.yaml b/cluster/examples/kubernetes/ceph/common.yaml
index 47bb8865a894..8a3ad35d3738 100644
--- a/cluster/examples/kubernetes/ceph/common.yaml
+++ b/cluster/examples/kubernetes/ceph/common.yaml
@@ -290,6 +290,7 @@ rules:
       - configmaps
       - nodes
       - nodes/proxy
+      - persistentvolumes
     verbs:
       - get
       - list
@@ -304,6 +305,14 @@ rules:
       - list
       - get
       - watch
+  - apiGroups:
+      - storage.k8s.io
+    resources:
+      - storageclasses
+    verbs:
+      - get
+      - list
+      - watch
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1