diff --git a/broker/machinebroker/server/server.go b/broker/machinebroker/server/server.go
index 7ab35699e..2e00a2468 100644
--- a/broker/machinebroker/server/server.go
+++ b/broker/machinebroker/server/server.go
@@ -18,6 +18,7 @@ import (
 
 var _ iri.MachineRuntimeServer = (*Server)(nil)
 
+//+kubebuilder:rbac:groups="",resources=events,verbs=get;list;watch
 //+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=compute.ironcore.dev,resources=machines,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=compute.ironcore.dev,resources=machines/exec,verbs=get;create
diff --git a/config/machinepoollet-broker/broker-rbac/role.yaml b/config/machinepoollet-broker/broker-rbac/role.yaml
index 209606166..63fc023d0 100644
--- a/config/machinepoollet-broker/broker-rbac/role.yaml
+++ b/config/machinepoollet-broker/broker-rbac/role.yaml
@@ -4,6 +4,14 @@ kind: Role
 metadata:
   name: broker-role
 rules:
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - ""
   resources: