diff --git a/deployment/helm/node-feature-discovery/templates/clusterrole.yaml b/deployment/helm/node-feature-discovery/templates/clusterrole.yaml
index 3dd6f6f3b6..2699dfe5dd 100644
--- a/deployment/helm/node-feature-discovery/templates/clusterrole.yaml
+++ b/deployment/helm/node-feature-discovery/templates/clusterrole.yaml
@@ -18,12 +18,6 @@ rules:
   - patch
   - update
   - list
-- apiGroups:
-    - ""
-  resources:
-    - nodes/proxy
-  verbs:
-    - get
 - apiGroups:
   - nfd.k8s-sigs.io
   resources:
@@ -36,7 +30,7 @@ rules:
 {{- end }}
 
 ---
-{{- if .Values.topologyUpdater.rbac.create }}
+{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
@@ -51,6 +45,12 @@ rules:
   verbs:
   - get
   - list
+- apiGroups:
+    - ""
+  resources:
+    - nodes/proxy
+  verbs:
+    - get
 - apiGroups:
   - ""
   resources:
diff --git a/deployment/helm/node-feature-discovery/values.yaml b/deployment/helm/node-feature-discovery/values.yaml
index a5beb620d3..c08254422b 100644
--- a/deployment/helm/node-feature-discovery/values.yaml
+++ b/deployment/helm/node-feature-discovery/values.yaml
@@ -390,7 +390,7 @@ topologyUpdater:
     annotations: {}
     name:
   rbac:
-    create: false
+    create: true
 
   kubeletConfigPath:
   kubeletPodResourcesSockPath: