diff --git a/cyclops-ctrl/internal/models/dto/k8s.go b/cyclops-ctrl/internal/models/dto/k8s.go
index ca5cbffc..04c1404e 100644
--- a/cyclops-ctrl/internal/models/dto/k8s.go
+++ b/cyclops-ctrl/internal/models/dto/k8s.go
@@ -716,3 +716,45 @@ func (s *Role) GetDeleted() bool {
 func (s *Role) SetDeleted(deleted bool) {
 s.Deleted = deleted
 }
+
+type ClusterRole struct {
+ Group string `json:"group"`
+ Version string `json:"version"`
+ Kind string `json:"kind"`
+ Name string `json:"name"`
+ Namespace string `json:"namespace"`
+ Deleted bool `json:"deleted"`
+ Rules []rbacv1.PolicyRule `json:"rules"`
+}
+
+func (s *ClusterRole) GetGroupVersionKind() string {
+ return s.Group + "/" + s.Version + ", Kind=" + s.Kind
+}
+
+func (s *ClusterRole) GetGroup() string {
+ return s.Group
+}
+
+func (s *ClusterRole) GetVersion() string {
+ return s.Version
+}
+
+func (s *ClusterRole) GetKind() string {
+ return s.Kind
+}
+
+func (s *ClusterRole) GetName() string {
+ return s.Name
+}
+
+func (s *ClusterRole) GetNamespace() string {
+ return s.Namespace
+}
+
+func (s *ClusterRole) GetDeleted() bool {
+ return s.Deleted
+}
+
+func (s *ClusterRole) SetDeleted(deleted bool) {
+ s.Deleted = deleted
+}
diff --git a/cyclops-ctrl/pkg/cluster/k8sclient/mapper.go b/cyclops-ctrl/pkg/cluster/k8sclient/mapper.go
index c63211d7..be20af93 100644
--- a/cyclops-ctrl/pkg/cluster/k8sclient/mapper.go
+++ b/cyclops-ctrl/pkg/cluster/k8sclient/mapper.go
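Review bot: The new `ClusterRole` DTO in dto/k8s.go carries a `Namespace` field and a `GetNamespace()` getter although a ClusterRole is cluster-scoped, and `mapClusterRole` in mapper.go never sets the field, so the JSON will always report `"namespace": ""`. If the field exists only to satisfy a shared resource interface (not visible in this hunk), say so in a doc comment on the type, for example `// ClusterRole is the DTO for a cluster-scoped RBAC ClusterRole; Namespace is always empty and is kept only for the common resource getters.` Because `Rules` carries the role's complete permission set verbatim, the same comment is a good place to record that this payload is authorization-sensitive.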
@@ -372,6 +372,21 @@ func (k *KubernetesClient) mapRole(group, version, kind, name, namespace string)
 }, nil
 }
 
+func (k *KubernetesClient) mapClusterRole(group, version, kind, name string) (*dto.ClusterRole, error) {
+ clusterRole, err := k.clientset.RbacV1().ClusterRoles().Get(context.Background(), name, metav1.GetOptions{})
+ if err != nil {
+ return nil, err
+ }
+
+ return &dto.ClusterRole{
+ Group: group,
+ Version: version,
+ Kind: kind,
+ Name: clusterRole.Name,
+ Rules: clusterRole.Rules,
+ }, nil
+}
+
 func mapNetworkPolicyIngressRules(rules []networkingv1.NetworkPolicyIngressRule) []dto.NetworkPolicyIngressRule {
 mapped := make([]dto.NetworkPolicyIngressRule, len(rules))
 for i, rule := range rules {
diff --git a/cyclops-ctrl/pkg/cluster/k8sclient/resources.go b/cyclops-ctrl/pkg/cluster/k8sclient/resources.go
index 6a5b65cf..78f21895 100644
--- a/cyclops-ctrl/pkg/cluster/k8sclient/resources.go
+++ b/cyclops-ctrl/pkg/cluster/k8sclient/resources.go
@@ -141,6 +141,8 @@ func (k *KubernetesClient) GetResource(group, version, kind, name, namespace str
 return k.mapRole(group, version, kind, name, namespace)
 case isNetworkPolicy(group, version, kind):
 return k.mapNetworkPolicy(group, version, kind, name, namespace)
+ case isClusterRole(group, version, kind):
+ return k.mapClusterRole(group, version, kind, name)
 }
 
 return nil, nil
@@ -466,6 +468,10 @@ func isNetworkPolicy(group, version, kind string) bool {
 return group == "networking.k8s.io" && version == "v1" && kind == "NetworkPolicy"
 }
 
+func isClusterRole(group, version, kind string) bool {
+ return group == "rbac.authorization.k8s.io" && version == "v1" && kind == "ClusterRole"
+}
+
 func IsWorkload(group, version, kind string) bool {
 return isDeployment(group, version, kind) ||
 isStatefulSet(group, version, kind) ||
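Review bot: In `mapClusterRole` (mapper.go) the `ClusterRoles().Get` call runs on `context.Background()`, so it has no deadline and is not cancelled when the caller goes away; a slow or unreachable API server holds the calling goroutine until the client transport gives up. Since the function takes no context parameter, a locally bounded context is the smallest fix: `ctx, cancel := context.WithTimeout(context.Background(), getTimeout)` followed by `defer cancel()`, where `getTimeout` is a placeholder for whatever limit the package settles on. Other mappers outside this hunk may follow the same pattern, in which case it is worth fixing once for all of them. The error is also returned bare; wrapping it with the role name, e.g. `fmt.Errorf("get ClusterRole %q: %w", name, err)`, would make failures traceable, assuming `fmt` is already imported in mapper.go.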
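Review bot: The new `isClusterRole` case in `GetResource` (resources.go, first hunk) silently drops the `namespace` argument and lets any caller that supplies a name read that ClusterRole's full rule set through the controller's own credentials. A short comment makes the first part explicit, e.g. `// ClusterRole is cluster-scoped; namespace is intentionally ignored.` For the second part, if `GetResource` is reachable from the HTTP API (its callers are outside this hunk), confirm that the route is authenticated and that the controller's service account is granted only `get` on `clusterroles` rather than broader RBAC verbs. `GetResource` starts and ends outside the hunk.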