diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl
index 10688fcef..14b244779 100644
--- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl
+++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/_helpers.tpl
@@ -12,3 +12,13 @@ Selector labels
 app.kubernetes.io/instance: {{ .Release.Name }}
 app.kubernetes.io/part-of: {{ .Release.Name }}
 {{- end }}
+
+{{/*
+ClusterRole names
+*/}}
+{{- define "custom.certificatesName" -}}
+"certificates-{{ .Release.Name }}"
+{{- end -}}
+{{- define "custom.eventsName" -}}
+"events-{{ .Release.Name }}"
+{{- end -}}
diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml
index 74c65abd8..8f36dc0a1 100644
--- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml
+++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role-binding.yaml
@@ -9,7 +9,7 @@ metadata:
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: "certificates-{{ .Release.Name }}"
+  name: {{ include "custom.certificatesName" . }}
 subjects:
   - kind: ServiceAccount
     name: kubelet-serving-cert-approver
diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml
index 8830b6c6b..e1bd156c1 100644
--- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml
+++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/cluster-role.yaml
@@ -1,10 +1,10 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: "certificates-{{ .Release.Name }}"
+  name: {{ include "custom.certificatesName" . }}
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: "certificates-{{ .Release.Name }}"
+    app.kubernetes.io/name: {{ include "custom.certificatesName" . }}
     {{- include "custom.labels" . | nindent 4 }}
 rules:
   - apiGroups:
@@ -40,10 +40,10 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: "events-{{ .Release.Name }}"
+  name: {{ include "custom.eventsName" . }}
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: "events-{{ .Release.Name }}"
+    app.kubernetes.io/name: {{ include "custom.eventsName" . }}
     {{- include "custom.labels" . | nindent 4 }}
 rules:
   - apiGroups:
diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml
index 2d4653698..bbbe36926 100644
--- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml
+++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/namespace.yaml
@@ -1,10 +1,10 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: kubelet-serving-cert-approver
+  name: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: kubelet-serving-cert-approver
+    app.kubernetes.io/name: {{ .Release.Namespace }}
     {{- include "custom.labels" . | nindent 4 }}
-    pod-security.kubernetes.io/audit: restricted
-    pod-security.kubernetes.io/enforce: restricted
-    pod-security.kubernetes.io/warn: restricted
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/warn: privileged
diff --git a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml
index afdc6c55b..14f977224 100644
--- a/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml
+++ b/clusters/cl01tl/helm/kubelet-serving-cert-approver/templates/role-binding.yaml
@@ -1,15 +1,15 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: "events-{{ .Release.Name }}"
+  name: {{ include "custom.eventsName" . }}
   namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: "events-{{ .Release.Name }}"
+    app.kubernetes.io/name: {{ include "custom.eventsName" . }}
     {{- include "custom.labels" . | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: "events-{{ .Release.Name }}"
+  name: {{ include "custom.eventsName" . }}
 subjects:
   - kind: ServiceAccount
     name: kubelet-serving-cert-approver