diff --git a/internal/resources/otelcollector/rbac.go b/internal/resources/otelcollector/rbac.go
index 273e60450..90a20efc4 100644
--- a/internal/resources/otelcollector/rbac.go
+++ b/internal/resources/otelcollector/rbac.go
@@ -43,44 +43,46 @@ func MakeMetricGatewayRBAC(name types.NamespacedName) Rbac {
 }
 func makeTraceGatewayClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
+ k8sAttributeRules := []rbacv1.PolicyRule{
+ {
+ APIGroups: []string{""},
+ Resources: []string{"namespaces", "pods"},
+ Verbs: []string{"get", "list", "watch"},
+ },
+ {
+ APIGroups: []string{"apps"},
+ Resources: []string{"replicasets"},
+ Verbs: []string{"get", "list", "watch"},
+ },
+ }
+ clusterRoleRules := append([]rbacv1.PolicyRule{}, k8sAttributeRules...)
+ return &rbacv1.ClusterRole{
 ObjectMeta: metav1.ObjectMeta{
 Name: name.Name,
 Namespace: name.Namespace,
 Labels: labels.MakeDefaultLabel(name.Name),
 },
- Rules: []rbacv1.PolicyRule{
- {
- APIGroups: []string{""},
- Resources: []string{"namespaces", "pods"},
- Verbs: []string{"get", "list", "watch"},
- },
- {
- APIGroups: []string{"apps"},
- Resources: []string{"replicasets"},
- Verbs: []string{"get", "list", "watch"},
- },
- },
+ Rules: clusterRoleRules,
 }
 }
 func makeMetricAgentClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
- clusterRole := &rbacv1.ClusterRole{
- ObjectMeta: metav1.ObjectMeta{
- Name: name.Name,
- Namespace: name.Namespace,
- Labels: labels.MakeDefaultLabel(name.Name),
+ kubeletStatsRules := []rbacv1.PolicyRule{{
+ APIGroups: []string{""},
+ Resources: []string{"nodes", "nodes/stats", "nodes/proxy"},
+ Verbs: []string{"get", "list", "watch"},
+ }}
+
+ prometheusRules := []rbacv1.PolicyRule{
+ {
+ APIGroups: []string{""},
+ Resources: []string{"nodes", "nodes/metrics", "services", "endpoints", "pods"},
+ Verbs: []string{"get", "list", "watch"},
 },
- Rules: []rbacv1.PolicyRule{
- {
- APIGroups: []string{""},
- Resources: []string{"nodes", "nodes/metrics", "nodes/stats", "nodes/proxy", "services", "endpoints", "pods"},
- Verbs: []string{"get", "list", "watch"},
- },
- {
- NonResourceURLs: []string{"/metrics", "/metrics/cadvisor"},
- Verbs: []string{"get"},
- },
+ {
+ NonResourceURLs: []string{"/metrics", "/metrics/cadvisor"},
+ Verbs: []string{"get"},
 },
 }
@@ -106,29 +108,31 @@ func makeMetricAgentClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
 Verbs: []string{"get", "list", "watch"},
 }}
- clusterRole.Rules = append(clusterRole.Rules, k8sClusterRules...)
-
- return clusterRole
-}
+ clusterRoleRules := append([]rbacv1.PolicyRule{}, kubeletStatsRules...)
+ clusterRoleRules = append(clusterRoleRules, prometheusRules...)
+ clusterRoleRules = append(clusterRoleRules, k8sClusterRules...)
-func makeMetricGatewayClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
- clusterRole := rbacv1.ClusterRole{
+ return &rbacv1.ClusterRole{
 ObjectMeta: metav1.ObjectMeta{
 Name: name.Name,
 Namespace: name.Namespace,
 Labels: labels.MakeDefaultLabel(name.Name),
 },
- Rules: []rbacv1.PolicyRule{
- {
- APIGroups: []string{""},
- Resources: []string{"namespaces", "pods"},
- Verbs: []string{"get", "list", "watch"},
- },
- {
- APIGroups: []string{"apps"},
- Resources: []string{"replicasets"},
- Verbs: []string{"get", "list", "watch"},
- },
+ Rules: clusterRoleRules,
+ }
+}
+
+func makeMetricGatewayClusterRole(name types.NamespacedName) *rbacv1.ClusterRole {
+ k8sAttributeRules := []rbacv1.PolicyRule{
+ {
+ APIGroups: []string{""},
+ Resources: []string{"namespaces", "pods"},
+ Verbs: []string{"get", "list", "watch"},
+ },
+ {
+ APIGroups: []string{"apps"},
+ Resources: []string{"replicasets"},
+ Verbs: []string{"get", "list", "watch"},
 },
 }
@@ -150,9 +154,17 @@ func makeMetricGatewayClusterRole(name types.NamespacedName) *rbacv1.ClusterRole
 Verbs: []string{"get", "list", "watch"},
 }}
- clusterRole.Rules = append(clusterRole.Rules, kymaStatsRules...)
+ clusterRoleRules := append([]rbacv1.PolicyRule{}, k8sAttributeRules...)
+ clusterRoleRules = append(clusterRoleRules, kymaStatsRules...)
- return &clusterRole
+ return &rbacv1.ClusterRole{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: name.Name,
+ Namespace: name.Namespace,
+ Labels: labels.MakeDefaultLabel(name.Name),
+ },
+ Rules: clusterRoleRules,
+ }
 }
 func makeClusterRoleBinding(name types.NamespacedName) *rbacv1.ClusterRoleBinding {
diff --git a/internal/resources/otelcollector/rbac_test.go b/internal/resources/otelcollector/rbac_test.go
index 1c1e0fd8a..0c00b999a 100644
--- a/internal/resources/otelcollector/rbac_test.go
+++ b/internal/resources/otelcollector/rbac_test.go
@@ -65,7 +65,12 @@ func TestMakeMetricAgentRBAC(t *testing.T) {
 expectedRules := []rbacv1.PolicyRule{
 {
 APIGroups: []string{""},
- Resources: []string{"nodes", "nodes/metrics", "nodes/stats", "nodes/proxy", "services", "endpoints", "pods"},
+ Resources: []string{"nodes", "nodes/stats", "nodes/proxy"},
+ Verbs: []string{"get", "list", "watch"},
+ },
+ {
+ APIGroups: []string{""},
+ Resources: []string{"nodes", "nodes/metrics", "services", "endpoints", "pods"},
 Verbs: []string{"get", "list", "watch"},
 },
 {
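Review bot: the newly built return value sets `Namespace: name.Namespace,` on a ClusterRole, which is a cluster-scoped kind; as far as I recall the API server clears the namespace of cluster-scoped objects on write (worth confirming), so the object this function returns will never compare equal to what is read back, and any equality-based drift check would re-apply it on every reconcile. Set only `Name: name.Name,` here, or comment why the namespace is intentionally populated; the same field appears in the context lines of the first two hunks for the trace and agent roles, so treat all three together. makeClusterRoleBinding starts at the end of the hunk and its body is outside this view.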
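Review bot: expectedRules now mirrors the production literal rule for rule, so the test pins the layout of the ClusterRole rather than its privilege ceiling: reordering the rule slices fails it, while a widened verb or a wildcard resource passes as long as the literal is updated in step. Alongside the equality check, loop over the rules under test and assert each verb is one of get/list/watch and that no APIGroups or Resources entry is `*`, e.g. `if !slices.Contains([]string{"get", "list", "watch"}, v) { t.Errorf("unexpected verb %q", v) }`, which catches privilege creep independent of ordering. TestMakeMetricAgentRBAC's assertion itself lies past the end of the hunk, so I cannot see whether it is order-sensitive.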