diff --git a/keda/templates/manager/clusterrolebindings.yaml b/keda/templates/manager/clusterrolebindings.yaml
index fa83bcec..a9cc0d7e 100644
--- a/keda/templates/manager/clusterrolebindings.yaml
+++ b/keda/templates/manager/clusterrolebindings.yaml
@@ -20,7 +20,8 @@ subjects:
   name: {{ (.Values.serviceAccount.operator).name | default .Values.serviceAccount.name }}
   namespace: {{ .Release.Namespace }}
 {{- else }}
-  {{- range ( split "," .Values.watchNamespace ) }}
+  {{- $namespaces := append (splitList "," .Values.watchNamespace) .Release.Namespace -}}
+  {{- range $namespaces }}
 ---
 # Role binding for namespace '{{ . }}'
 apiVersion: rbac.authorization.k8s.io/v1
diff --git a/keda/templates/manager/minimal-rbac.yaml b/keda/templates/manager/minimal-rbac.yaml
index bc762161..1b5a0ca4 100644
--- a/keda/templates/manager/minimal-rbac.yaml
+++ b/keda/templates/manager/minimal-rbac.yaml
@@ -34,6 +34,10 @@ rules:
   verbs:
   - create
   - update
+{{- if .Values.permissions.operator.restrict.secret }}
+  - list
+  - watch
+{{- end }}
 {{- end }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1