diff --git a/cluster-service/Makefile b/cluster-service/Makefile
index 885d756f2..ca600e8df 100644
--- a/cluster-service/Makefile
+++ b/cluster-service/Makefile
@@ -28,9 +28,12 @@ deploy:
 	  -p IMAGE_REPOSITORY=app-sre/uhc-clusters-service \
 	  -p IMAGE_TAG=2256c75 | oc apply -f -
 
+deploy-integ:
+	oc process --local -f deploy/integration/cluster-service-namespace.yaml | oc apply -f -
+
 # for local development
 provision-shard:
 	@ZONE_RESOURCE_ID=$(shell az network dns zone list -g ${REGIONAL_RESOURCEGROUP} --query "[?zoneType=='Public'].id" -o tsv) && \
 	sed -e "s#ZONE_RESOURCE_ID#$${ZONE_RESOURCE_ID}#g" -e "s/REGION/${REGION}/g" -e "s/CONSUMER_NAME/${CONSUMER_NAME}/g" deploy/dev-provisioning-shards.yml
 
-.PHONY: deploy
+.PHONY: deploy deploy-integ provision-shard
diff --git a/cluster-service/deploy/integration/cluster-service-namespace.yaml b/cluster-service/deploy/integration/cluster-service-namespace.yaml
new file mode 100644
index 000000000..ea02c63dc
--- /dev/null
+++ b/cluster-service/deploy/integration/cluster-service-namespace.yaml
@@ -0,0 +1,50 @@
+---
+apiVersion: v1
+kind: Template
+metadata:
+  name: cluster-service-admin
+objects:
+  - apiVersion: v1
+    kind: Namespace
+    metadata:
+      name: cluster-service-admin
+  - apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: cluster-service-mgmt
+      namespace: cluster-service-admin
+  - apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRole
+    metadata:
+      name: namespace-admin
+    rules:
+    - apiGroups:
+      - ""
+      resources:
+      - namespace
+      verbs:
+      - "*"
+  - apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      name: cluster-service-admin
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: admin
+    subjects:
+    - kind: ServiceAccount
+      name: cluster-service-mgmt
+      namespace: cluster-service-admin
+  - apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      name: cluster-service-namespace-admin
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: namespace-admin
+    subjects:
+    - kind: ServiceAccount
+      name: cluster-service-mgmt
+      namespace: cluster-service-admin