diff --git a/cli/internal/helm/BUILD.bazel b/cli/internal/helm/BUILD.bazel
index c70f184306..323b1760f6 100644
--- a/cli/internal/helm/BUILD.bazel
+++ b/cli/internal/helm/BUILD.bazel
@@ -411,6 +411,7 @@ go_library(
 "charts/edgeless/csi/charts/aws-csi-driver/templates/storageclass_integrity.yaml",
 "charts/edgeless/csi/charts/aws-csi-driver/templates/volumesnapshotclass.yaml",
 "charts/edgeless/csi/charts/aws-csi-driver/values.yaml",
+ "charts/edgeless/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml",
 ],
 importpath = "github.com/edgelesssys/constellation/v2/cli/internal/helm",
 visibility = ["//cli:__subpackages__"],
diff --git a/cli/internal/helm/charts/edgeless/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml b/cli/internal/helm/charts/edgeless/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..ce516ba283
--- /dev/null
+++ b/cli/internal/helm/charts/edgeless/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml
@@ -0,0 +1,14 @@
+{{- if eq .Values.csp "GCP" -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: system:cloud-provider
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: cloud-provider
+ namespace: {{ .Release.Namespace }}
+{{- end -}}
diff --git a/cli/internal/helm/testdata/GCP/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml b/cli/internal/helm/testdata/GCP/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..f54d4c8706
--- /dev/null
+++ b/cli/internal/helm/testdata/GCP/constellation-services/charts/ccm/templates/gcp-clusterrolebinding.yaml
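Review bot: The `roleRef` in the new charts/ccm/templates/gcp-clusterrolebinding.yaml template binds the `cloud-provider` ServiceAccount to `cluster-admin`, which gives the cloud controller manager unrestricted access to every resource in the cluster, Secrets and RBAC objects included, whenever `.Values.csp` is `"GCP"`. A ClusterRole scoped to the resources the CCM actually reconciles would keep a compromised CCM pod or a leaked service-account token from amounting to full cluster control; `name: cluster-admin` would then point at that role instead. If the broad grant is a deliberate stopgap, record that in the template with something like `# TODO: replace cluster-admin with a least-privilege ClusterRole for the GCP CCM`. The testdata fixture in the last hunk mirrors the same binding and would need the matching change; the `cloud-provider` ServiceAccount is not defined anywhere in this diff, so I am assuming it is created elsewhere in the chart.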
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: system:cloud-provider
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: cloud-provider
+ namespace: testNamespace