diff --git a/resources/v4.0/base/kustomization.yaml b/resources/v4.0/base/kustomization.yaml
new file mode 100644
index 00000000..a621ccb1
--- /dev/null
+++ b/resources/v4.0/base/kustomization.yaml
@@ -0,0 +1,10 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - ../../base
+ - ../psp
+
+images:
+ - name: quay.io/minio/directpv
+ digest: sha256:98c23183f3abb8d9b6e0c300677605cc822e039fc81ce0e5dd8bef1006547627
diff --git a/resources/v4.0/legacy/kustomization.yaml b/resources/v4.0/legacy/kustomization.yaml
new file mode 100644
index 00000000..1ead3875
--- /dev/null
+++ b/resources/v4.0/legacy/kustomization.yaml
@@ -0,0 +1,10 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - ../../legacy
+ - ../psp
+
+images:
+ - name: quay.io/minio/directpv
+ digest: sha256:98c23183f3abb8d9b6e0c300677605cc822e039fc81ce0e5dd8bef1006547627
diff --git a/resources/v4.0/openshift-with-legacy/kustomization.yaml b/resources/v4.0/openshift-with-legacy/kustomization.yaml
new file mode 100644
index 00000000..9c42f808
--- /dev/null
+++ b/resources/v4.0/openshift-with-legacy/kustomization.yaml
@@ -0,0 +1,10 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - ../../openshift-with-legacy
+ - ../psp
+
+images:
+ - name: quay.io/minio/directpv
+ digest: sha256:98c23183f3abb8d9b6e0c300677605cc822e039fc81ce0e5dd8bef1006547627
diff --git a/resources/v4.0/openshift/kustomization.yaml b/resources/v4.0/openshift/kustomization.yaml
new file mode 100644
index 00000000..522bba1f
--- /dev/null
+++ b/resources/v4.0/openshift/kustomization.yaml
@@ -0,0 +1,10 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - ../../openshift
+ - ../psp
+
+images:
+ - name: quay.io/minio/directpv
+ digest: sha256:98c23183f3abb8d9b6e0c300677605cc822e039fc81ce0e5dd8bef1006547627
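Review bot: The `images` entry in `base/kustomization.yaml` pins `quay.io/minio/directpv` by digest with nothing recording which release that digest belongs to, and the identical digest is repeated in the legacy, openshift-with-legacy and openshift kustomizations added alongside it. A comment above `digest:` such as `# directpv <RELEASE_TAG>; keep all four v4.0 overlays on the same digest` would let a reviewer check the pin against the registry and keep the copies from drifting apart. Each overlay also pulls in `../psp`, which holds a `policy/v1beta1` PodSecurityPolicy; that API was removed in Kubernetes 1.25, so these overlays presumably only apply to older clusters and a header comment stating the supported range would help.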
diff --git a/resources/v4.0/psp/PodSecurityPolicy-ClusterRoleBinding.yaml b/resources/v4.0/psp/PodSecurityPolicy-ClusterRoleBinding.yaml
new file mode 100644
index 00000000..636a208c
--- /dev/null
+++ b/resources/v4.0/psp/PodSecurityPolicy-ClusterRoleBinding.yaml
@@ -0,0 +1,18 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ creationTimestamp: null
+ labels:
+ application-name: directpv.min.io
+ application-type: CSIDriver
+ directpv.min.io/created-by: kubectl-directpv
+ directpv.min.io/version: v1beta1
+ name: psp-directpv-min-io
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: directpv-min-io
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+ kind: Group
+ name: system:serviceaccounts:directpv-min-io
diff --git a/resources/v4.0/psp/PodSecurityPolicy.yaml b/resources/v4.0/psp/PodSecurityPolicy.yaml
new file mode 100644
index 00000000..cbe8ea92
--- /dev/null
+++ b/resources/v4.0/psp/PodSecurityPolicy.yaml
@@ -0,0 +1,34 @@
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+ creationTimestamp: null
+ labels:
+ application-name: directpv.min.io
+ application-type: CSIDriver
+ directpv.min.io/created-by: kubectl-directpv
+ directpv.min.io/version: v1beta1
+ name: directpv-min-io
+spec:
+ allowedCapabilities:
+ - '*'
+ allowedHostPaths:
+ - pathPrefix: /proc
+ readOnly: true
+ - pathPrefix: /sys
+ - pathPrefix: /run/udev/data
+ readOnly: true
+ - pathPrefix: /var/lib/directpv
+ - pathPrefix: /csi
+ - pathPrefix: /var/lib/kubelet
+ fsGroup:
+ rule: RunAsAny
+ hostPID: true
+ privileged: true
+ runAsUser:
+ rule: RunAsAny
+ seLinux:
+ rule: RunAsAny
+ supplementalGroups:
+ rule: RunAsAny
+ volumes:
+ - hostPath
diff --git a/resources/v4.0/psp/kustomization.yaml b/resources/v4.0/psp/kustomization.yaml
new file mode 100644
index 00000000..70e614e1
--- /dev/null
+++ b/resources/v4.0/psp/kustomization.yaml
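Review bot: The `subjects` entry in the ClusterRoleBinding binds the `directpv-min-io` ClusterRole to the group `system:serviceaccounts:directpv-min-io`, which is every service account in that namespace rather than only the driver's own. Assuming that ClusterRole (not visible in this diff) grants `use` on the privileged PodSecurityPolicy added in the same commit, any pod running under any service account in the namespace would be admitted under that policy. Consider narrowing the subject to `- kind: ServiceAccount`, `name: <DRIVER_SERVICE_ACCOUNT>`, `namespace: directpv-min-io`, or add a comment explaining why the namespace-wide group is required. `creationTimestamp: null` is generator residue and can be dropped from the committed manifest.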
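Review bot: In the PodSecurityPolicy `spec`, `allowedCapabilities: '*'` together with `privileged: true`, `hostPID: true` and `RunAsAny` for every rule leaves the policy effectively unrestricted apart from the hostPath allow-list, and nothing in the manifest says why the driver needs each grant. Privileged containers already hold all capabilities, so the wildcard mainly widens what non-privileged containers admitted under this policy may add; if none need that, drop it or list the specific capabilities. `/sys`, `/var/lib/directpv`, `/csi` and `/var/lib/kubelet` are left writable, so any of them the driver only reads should get `readOnly: true` as `/proc` and `/run/udev/data` already do. A header comment of the form `# privileged and hostPID are required by the node driver for <REASON>` would record the intent for the next reviewer.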
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - PodSecurityPolicy.yaml
+ - PodSecurityPolicy-ClusterRoleBinding.yaml