diff --git a/engine_k8s_au_syd1.tf b/engine_k8s_au_syd1.tf
index bdadd84..9db2435 100644
--- a/engine_k8s_au_syd1.tf
+++ b/engine_k8s_au_syd1.tf
@@ -22,6 +22,11 @@ resource "vault_kubernetes_secret_backend_role" "media_apps_operator" {
   kubernetes_role_type          = "Role"
 
   generated_role_rules = file("${path.module}/resources/k8s/syd1/au/generated_role_rules/media-apps-operator.yaml")
+
+  extra_labels = {
+    vault-region = "au-syd1"
+    vault-role   = "vault-media-apps-operator"
+  }
 }
 
 resource "vault_kubernetes_secret_backend_role" "cluster_operator" {
@@ -31,6 +36,11 @@ resource "vault_kubernetes_secret_backend_role" "cluster_operator" {
   kubernetes_role_type          = "ClusterRole"
 
   generated_role_rules = file("${path.module}/resources/k8s/syd1/au/generated_role_rules/cluster-operator.yaml")
+
+  extra_labels = {
+    vault-region = "au-syd1"
+    vault-role   = "vault-cluster-operator"
+  }
 }
 
 resource "vault_kubernetes_secret_backend_role" "cluster_admin" {
@@ -40,6 +50,11 @@ resource "vault_kubernetes_secret_backend_role" "cluster_admin" {
   kubernetes_role_type          = "ClusterRole"
 
   generated_role_rules = file("${path.module}/resources/k8s/syd1/au/generated_role_rules/cluster-admin.yaml")
+
+  extra_labels = {
+    vault-region = "au-syd1"
+    vault-role   = "vault-cluster-admin"
+  }
 }
 
 resource "vault_kubernetes_secret_backend_role" "cluster_root" {
@@ -49,4 +64,9 @@ resource "vault_kubernetes_secret_backend_role" "cluster_root" {
   kubernetes_role_type          = "ClusterRole"
 
   generated_role_rules = file("${path.module}/resources/k8s/syd1/au/generated_role_rules/cluster-root.yaml")
+
+  extra_labels = {
+    vault-region = "au-syd1"
+    vault-role   = "vault-cluster-root"
+  }
 }
diff --git a/resources/k8s/syd1/au/generated_role_rules/cluster-admin.yaml b/resources/k8s/syd1/au/generated_role_rules/cluster-admin.yaml
index 80ca051..6f80bde 100644
--- a/resources/k8s/syd1/au/generated_role_rules/cluster-admin.yaml
+++ b/resources/k8s/syd1/au/generated_role_rules/cluster-admin.yaml
@@ -17,6 +17,9 @@ rules:
       - "nfd.k8s-sigs.io"
       - "policy"
       - "metrics.k8s.io"
+      - "logstash.k8s.elastic.co"
+      - "elasticsearch.k8s.elastic.co"
+      - "kibana.k8s.elastic.co"
     resources:
       - "*"
     verbs:
diff --git a/resources/k8s/syd1/au/generated_role_rules/cluster-operator.yaml b/resources/k8s/syd1/au/generated_role_rules/cluster-operator.yaml
index 480d36b..1808085 100644
--- a/resources/k8s/syd1/au/generated_role_rules/cluster-operator.yaml
+++ b/resources/k8s/syd1/au/generated_role_rules/cluster-operator.yaml
@@ -17,6 +17,9 @@ rules:
       - "nfd.k8s-sigs.io"
       - "policy"
       - "metrics.k8s.io"
+      - "logstash.k8s.elastic.co"
+      - "elasticsearch.k8s.elastic.co"
+      - "kibana.k8s.elastic.co"
     resources:
       - "*"
     verbs: