diff --git a/charts/kyverno/templates/aggregateroles.yaml b/charts/kyverno/templates/aggregateroles.yaml
index 789aff4714..5b89e2c162 100644
--- a/charts/kyverno/templates/aggregateroles.yaml
+++ b/charts/kyverno/templates/aggregateroles.yaml
@@ -85,5 +85,25 @@ rules:
     - patch
     - update
     - watch
-
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels: {{ include "kyverno.labels" . | nindent 4 }}
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    app: kyverno
+  name: {{ template "kyverno.fullname" . }}:admin-updaterequest
+rules:
+- apiGroups:
+  - kyverno.io
+  resources:
+  - updaterequests
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
 {{- end }}
diff --git a/config/install.yaml b/config/install.yaml
index 72b2951bb8..e3e95ee6a1 100644
--- a/config/install.yaml
+++ b/config/install.yaml
@@ -12379,6 +12379,32 @@ rules:
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
+metadata:
+  labels:
+    app: kyverno
+    app.kubernetes.io/component: kyverno
+    app.kubernetes.io/instance: kyverno
+    app.kubernetes.io/name: kyverno
+    app.kubernetes.io/part-of: kyverno
+    app.kubernetes.io/version: latest
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+  name: kyverno:admin-updaterequest
+rules:
+- apiGroups:
+  - kyverno.io
+  resources:
+  - updaterequests
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
 metadata:
   labels:
     app: kyverno
diff --git a/config/install_debug.yaml b/config/install_debug.yaml
index c436701c49..82dc1a83e3 100755
--- a/config/install_debug.yaml
+++ b/config/install_debug.yaml
@@ -12363,6 +12363,31 @@ rules:
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
+metadata:
+  labels:
+    app: kyverno
+    app.kubernetes.io/component: kyverno
+    app.kubernetes.io/instance: kyverno
+    app.kubernetes.io/name: kyverno
+    app.kubernetes.io/part-of: kyverno
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+  name: kyverno:admin-updaterequest
+rules:
+- apiGroups:
+  - kyverno.io
+  resources:
+  - updaterequests
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
 metadata:
   labels:
     app: kyverno
diff --git a/config/k8s-resource/aggregateroles.yaml b/config/k8s-resource/aggregateroles.yaml
index fad740f6dd..ecda03af3a 100644
--- a/config/k8s-resource/aggregateroles.yaml
+++ b/config/k8s-resource/aggregateroles.yaml
@@ -85,3 +85,24 @@ rules:
     - patch
     - update
     - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app: kyverno
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+  name: kyverno:admin-updaterequest
+rules:
+- apiGroups:
+  - kyverno.io
+  resources:
+  - updaterequests
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch