diff --git a/argo/cluster/misc/users/chart/clusterrolebindings.yaml b/argo/cluster/misc/users/chart/clusterrolebindings.yaml
index e489209b..9c808f13 100644
--- a/argo/cluster/misc/users/chart/clusterrolebindings.yaml
+++ b/argo/cluster/misc/users/chart/clusterrolebindings.yaml
@@ -34,18 +34,20 @@ subjects:
     namespace: default
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
+kind: Role
 metadata:
   name: srep-operator:pods
+  namespace: srep-plays
 rules:
 - apiGroups: [""]
   resources: ["pods"]
   verbs: ["get", "create", "delete"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
 metadata:
   name: srep-operator:pods
+  namespace: srep-plays
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
diff --git a/argo/cluster/misc/users/chart/serviceaccounts.yaml b/argo/cluster/misc/users/chart/serviceaccounts.yaml
index 085261ae..15d316d2 100644
--- a/argo/cluster/misc/users/chart/serviceaccounts.yaml
+++ b/argo/cluster/misc/users/chart/serviceaccounts.yaml
@@ -15,11 +15,13 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: srep-operator
+  namespace: srep-plays
 ---
 apiVersion: v1
 kind: Secret
 metadata:
   name: srep-operator-token
+  namespace: srep-plays
   annotations:
     kubernetes.io/service-account.name: srep-operator
 type: kubernetes.io/service-account-token