diff --git a/kubernetes/apps/rook-ceph/namespace.yaml b/kubernetes/apps/rook-ceph/namespace.yaml
index 4f4d74a80..dea2828b2 100644
--- a/kubernetes/apps/rook-ceph/namespace.yaml
+++ b/kubernetes/apps/rook-ceph/namespace.yaml
@@ -5,3 +5,5 @@ metadata:
   name: rook-ceph
   labels:
     kustomize.toolkit.fluxcd.io/prune: disabled
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/enforce-version: latest
diff --git a/tools/wipe-rook.yaml b/tools/wipe-rook.yaml
index acd4ad9f2..193aa760a 100644
--- a/tools/wipe-rook.yaml
+++ b/tools/wipe-rook.yaml
@@ -1,8 +1,17 @@
 ---
 apiVersion: v1
+kind: Namespace
+metadata:
+  name: my-privileged-namespace
+  labels:
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/enforce-version: latest
+---
+apiVersion: v1
 kind: Pod
 metadata:
   name: disk-wipe-talos-node-2
+  namespace: my-privileged-namespace
 spec:
   restartPolicy: Never
   nodeName: talos-node-2
@@ -35,6 +44,7 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: disk-wipe-talos-node-3
+  namespace: my-privileged-namespace
 spec:
   restartPolicy: Never
   nodeName: talos-node-3
@@ -67,6 +77,7 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: disk-wipe-talos-node-4
+  namespace: my-privileged-namespace
 spec:
   restartPolicy: Never
   nodeName: talos-node-4