diff --git a/k8s/stage/osh-client-tekton/tekton-terminator-sa-rbac.yaml b/k8s/stage/osh-client-tekton/tekton-terminator-sa-rbac.yaml
new file mode 100644
index 0000000..dd67d0e
--- /dev/null
+++ b/k8s/stage/osh-client-tekton/tekton-terminator-sa-rbac.yaml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: pct-security-tooling
+  name: osh-wrapper-tekton-terminator-sa
+  labels: 
+    app.kubernetes.io/name: osh-wrapper-tekton-terminator
+    env: stage
+imagePullSecrets:
+  - name: pct-security-osh-wrapper-client-pull-secret
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: osh-wrapper-tekton-terminator
+  labels:
+    app.kubernetes.io/component: tekton
+  namespace: pct-security-tooling
+rules:
+- apiGroups:
+  - tekton.dev
+  resources:
+  - taskruns
+  - pipelineruns
+  verbs:
+  - get
+  - list
+  - delete
+  - update
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: osh-wrapper-tekton-terminator-rolebinding
+  namespace: pct-security-tooling
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: osh-wrapper-tekton-terminator
+subjects:
+- kind: ServiceAccount
+  name: osh-wrapper-tekton-terminator-sa
+