diff --git a/contribution/self-managed-k8s/crio/install_crio.sh b/contribution/self-managed-k8s/crio/install_crio.sh
index 1fedb9ba01..d104dcf4b8 100755
--- a/contribution/self-managed-k8s/crio/install_crio.sh
+++ b/contribution/self-managed-k8s/crio/install_crio.sh
@@ -24,6 +24,7 @@ echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://pkgs.k8s.i
 # install
 sudo apt-get update
 sudo apt-get install -y cri-o
+sudo dpkg -i --force-overwrite /var/cache/apt/archives/cri-o_*.deb

 # this option is not supported in ubuntu 18.04
 if [ "$VERSION_ID" == "18.04" ]; then
diff --git a/deployments/get/objects.go b/deployments/get/objects.go
index 102697604d..c7c5a44b2e 100644
--- a/deployments/get/objects.go
+++ b/deployments/get/objects.go
@@ -43,18 +43,23 @@ func GetClusterRole() *rbacv1.ClusterRole {
 Rules: []rbacv1.PolicyRule{
 {
 APIGroups: []string{""},
- Resources: []string{"pods", "nodes", "namespaces", "configmaps"},
- Verbs: []string{"get", "patch", "list", "watch", "update"},
+ Resources: []string{"namespaces"},
+ Verbs: []string{"get", "list", "watch", "update"},
+ },
+ {
+ APIGroups: []string{""},
+ Resources: []string{"pods", "nodes", "configmaps"},
+ Verbs: []string{"get", "list", "watch"},
 },
 {
 APIGroups: []string{"apps"},
 Resources: []string{"deployments", "replicasets", "daemonsets", "statefulsets"},
- Verbs: []string{"get", "patch", "list", "watch", "update"},
+ Verbs: []string{"get", "list", "watch"},
 },
 {
 APIGroups: []string{"batch"},
 Resources: []string{"jobs", "cronjobs"},
- Verbs: []string{"get", "patch", "list", "watch", "update"},
+ Verbs: []string{"get", "list", "watch"},
 },
 {
 APIGroups: []string{"security.kubearmor.com"},
diff --git a/deployments/helm/KubeArmor/templates/RBAC/roles.yaml b/deployments/helm/KubeArmor/templates/RBAC/roles.yaml
index dc96cd7017..9d2a2b4e97 100644
--- a/deployments/helm/KubeArmor/templates/RBAC/roles.yaml
+++ b/deployments/helm/KubeArmor/templates/RBAC/roles.yaml
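Review bot: The added `sudo dpkg -i --force-overwrite /var/cache/apt/archives/cri-o_*.deb` installs whatever files match the glob, so a stale or second cached cri-o version would be installed as well, and the line fails when the cache holds no match (for example when cri-o was already present and nothing was downloaded). `--force-overwrite` also lets cri-o replace files owned by another package, and nothing in the hunk records which conflict it works around. If the preceding `apt-get install` is what fails on a file conflict (not visible here), passing the option through apt keeps version selection in one place: `sudo apt-get install -y -o Dpkg::Options::="--force-overwrite" cri-o`, with a comment naming the conflicting package.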
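Review bot: The new first rule keeps `update` on `namespaces` cluster-wide with no comment explaining why, while the pods/nodes/configmaps, apps and batch rules are reduced to read-only; the same rule is added in the first hunk of `templates/RBAC/roles.yaml`. `update` on namespaces lets this service account rewrite the labels and annotations of any namespace, so the reason should sit next to the rule, e.g. `// update is needed to write KubeArmor annotations on namespaces; other core resources are read-only` (wording to be confirmed against the code that performs the update). Dropping `patch` from every rule also means any remaining Patch call made under this role would be rejected by the API server, which is worth checking before merge. GetClusterRole's body starts and ends outside the hunk.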
@@ -3,19 +3,25 @@ kind: ClusterRole
 metadata:
 name: kubearmor-clusterrole
 rules:
+- apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - get
+ - list
+ - watch
+ - update
 - apiGroups:
 - ""
 resources:
 - pods
 - nodes
- - namespaces
 - configmaps
 verbs:
 - get
- - patch
 - list
 - watch
- - update
 - apiGroups:
 - apps
 resources:
@@ -25,10 +31,8 @@ rules:
 - statefulsets
 verbs:
 - get
- - patch
 - list
 - watch
- - update
 - apiGroups:
 - batch
 resources:
@@ -36,10 +40,8 @@ rules:
 - cronjobs
 verbs:
 - get
- - patch
 - list
 - watch
- - update
 - apiGroups:
 - security.kubearmor.com
 resources: