diff --git a/config/default/editor_role_patch.yaml b/config/default/editor_role_patch.yaml
new file mode 100644
index 00000000..881023d3
--- /dev/null
+++ b/config/default/editor_role_patch.yaml
@@ -0,0 +1,7 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: editor-role
+ labels:
+ rbac.authorization.k8s.io/aggregate-to-edit: "true"
+ rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
index 4326f887..2fee1589 100644
--- a/config/default/kustomization.yaml
+++ b/config/default/kustomization.yaml
@@ -35,3 +35,7 @@ patches:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
 # crd/kustomization.yaml
 - path: manager_webhook_patch.yaml
+
+# Add aggregate labels to rbacs
+- path: editor_role_patch.yaml
+- path: viewer_role_patch.yaml
diff --git a/config/default/viewer_role_patch.yaml b/config/default/viewer_role_patch.yaml
new file mode 100644
index 00000000..a6f71fb7
--- /dev/null
+++ b/config/default/viewer_role_patch.yaml
@@ -0,0 +1,6 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: viewer-role
+ labels:
+ rbac.authorization.k8s.io/aggregate-to-view: "true"
diff --git a/config/rbac/appwrapper_editor_role.yaml b/config/rbac/editor_role.yaml
similarity index 95%
rename from config/rbac/appwrapper_editor_role.yaml
rename to config/rbac/editor_role.yaml
index 391a4a28..05e49629 100644
--- a/config/rbac/appwrapper_editor_role.yaml
+++ b/config/rbac/editor_role.yaml
@@ -9,7 +9,7 @@ metadata:
 app.kubernetes.io/created-by: appwrapper
 app.kubernetes.io/part-of: appwrapper
 app.kubernetes.io/managed-by: kustomize
- name: appwrapper-editor-role
+ name: editor-role
 rules:
 - apiGroups:
 - workload.codeflare.dev
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
index 0e99f848..12187025 100644
--- a/config/rbac/kustomization.yaml
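Review bot: The two labels added to `editor-role` in config/default/editor_role_patch.yaml fold its rules into the built-in `edit` and `admin` ClusterRoles, so every subject already bound to either role gains those permissions as soon as this is applied, and nothing in the patch file says so. The rules themselves live in config/rbac/editor_role.yaml and are mostly outside this diff (only the `workload.codeflare.dev` apiGroup is visible), so they should be re-read with that wider audience in mind, in particular for wildcard verbs or resources. If, as the name suggests, an AppWrapper carries other resources that the controller creates on the user's behalf, it is also worth confirming that the submitting user's own permissions on those resources are checked, otherwise create access here could reach further than `edit` does. I would add a header comment such as `# Aggregated into the built-in edit and admin ClusterRoles: every subject bound to them gains the rules of editor-role.`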
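Review bot: The `aggregate-to-view` label in config/default/viewer_role_patch.yaml gives every subject bound to the built-in `view` role read access to whatever `viewer-role` lists, and on a default cluster `view` is itself aggregated into `edit` and `admin`. The built-in `view` role deliberately leaves out Secrets, so if an AppWrapper spec can embed credentials or Secret manifests (not visible in this diff), those would become readable to view-only users; that should be confirmed before shipping, or the expectation that specs reference secrets rather than inline them should be documented. A header comment such as `# Aggregated into the built-in view ClusterRole (and through it edit and admin).` would make the reach explicit.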
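Review bot: The new `name: editor-role` in config/rbac/editor_role.yaml is a very generic name for a cluster-scoped object; it stays unique only if a kustomize `namePrefix` is applied on top, which is not visible in this diff. Anyone applying config/rbac on its own would create or overwrite a ClusterRole called `editor-role`, and after the patches in config/default that role is aggregated into `edit` and `admin`. The same applies to `name: viewer-role` in config/rbac/viewer_role.yaml. Once the prefix is confirmed I would add a comment above the name, `# Final name is prefixed by config/default (namePrefix); do not apply this directory directly.` The ClusterRole definition starts and ends outside the hunk.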
+++ b/config/rbac/kustomization.yaml
@@ -10,6 +10,8 @@ resources:
 - leader_election_role.yaml
 - leader_election_role_binding.yaml
 - user_role.yaml
+- editor_role.yaml
+- viewer_role.yaml
 # Comment the following 4 lines if you want to disable
 # the auth proxy (https://github.com/brancz/kube-rbac-proxy)
 # which protects your /metrics endpoint.
diff --git a/config/rbac/appwrapper_viewer_role.yaml b/config/rbac/viewer_role.yaml
similarity index 95%
rename from config/rbac/appwrapper_viewer_role.yaml
rename to config/rbac/viewer_role.yaml
index 924a44c3..527b9280 100644
--- a/config/rbac/appwrapper_viewer_role.yaml
+++ b/config/rbac/viewer_role.yaml
@@ -9,7 +9,7 @@ metadata:
 app.kubernetes.io/created-by: appwrapper
 app.kubernetes.io/part-of: appwrapper
 app.kubernetes.io/managed-by: kustomize
- name: appwrapper-viewer-role
+ name: viewer-role
 rules:
 - apiGroups:
 - workload.codeflare.dev