diff --git a/resources/hydra/kustomization.yaml b/resources/hydra/kustomization.yaml
index c300b4b..779cd22 100644
--- a/resources/hydra/kustomization.yaml
+++ b/resources/hydra/kustomization.yaml
@@ -8,6 +8,7 @@ resources:
   - ./resources/hydra-rolebinding.yaml
   - ./resources/hydra-serviceaccount.yaml
   - ./resources/hydra-migrate-job.yaml
+  - ./resources/hydra-maester
 
 secretGenerator:
   - name: hydra-secret
@@ -21,7 +22,7 @@ configMapGenerator:
       - URLS_LOGIN=http://hydra-login-app/login
       - URLS_CONSENT=http://hydra-consent-app/consent
       - URLS_LOGOUT=http://hydra-logout-app/logout
-      - HYDRA_SERVE_ALL_ARGS=
+      - HYDRA_SERVE_ALL_ARGS=--dev
       - LOG_LEVEL=info
 
 vars:
diff --git a/resources/hydra/resources/hydra-maester/kustomization.yaml b/resources/hydra/resources/hydra-maester/kustomization.yaml
new file mode 100644
index 0000000..4cb1210
--- /dev/null
+++ b/resources/hydra/resources/hydra-maester/kustomization.yaml
@@ -0,0 +1,15 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - https://raw.githubusercontent.com/ory/k8s/v0.28.2/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
+  - ./resources/hydra-maester-deployment.yaml
+  - ./resources/hydra-maester-rbac.yaml
+
+configMapGenerator:
+  - name: hydra-maester-env
+    literals:
+      - APP_ENV=prod
+      - APP_DEBUG=false
+      - HYDRA_ADMIN_BASE_URL=http://hydra
+      - HYDRA_ADMIN_PORT=4445
\ No newline at end of file
diff --git a/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml b/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml
new file mode 100644
index 0000000..0b5b7bb
--- /dev/null
+++ b/resources/hydra/resources/hydra-maester/resources/hydra-maester-deployment.yaml
@@ -0,0 +1,56 @@
+---
+# Source: hydra/charts/hydra-maester/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: hydra-maester
+  labels:
+    app.kubernetes.io/name: hydra-maester
+    app.kubernetes.io/instance: hydra-master
+    app.kubernetes.io/version: "v0.0.23"
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      control-plane: controller-manager
+      app.kubernetes.io/name: hydra-maester
+      app.kubernetes.io/instance: hydra
+  template:
+    metadata:
+      labels:
+        control-plane: controller-manager
+        app.kubernetes.io/name: hydra-maester
+        app.kubernetes.io/instance: hydra
+      annotations:
+    spec:
+      containers:
+        - name: hydra-maester
+          image: reg.cadoles.com/proxy_cache/oryd/hydra-maester:v0.0.25
+          imagePullPolicy: IfNotPresent
+          envFrom:
+            - configMapRef:
+                name: hydra-maester-env
+          command:
+            - /manager
+          args:
+            - --metrics-addr=127.0.0.1:8080
+            - --hydra-url=$(HYDRA_ADMIN_BASE_URL)
+            - --hydra-port=$(HYDRA_ADMIN_PORT)
+            - --endpoint=/admin/clients
+          resources:
+            {}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+              - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsNonRoot: true
+            runAsUser: 1000
+      serviceAccountName: hydra-maester-account
+      automountServiceAccountToken: true
+      nodeSelector:
diff --git a/resources/hydra/resources/hydra-maester/resources/hydra-maester-rbac.yaml b/resources/hydra/resources/hydra-maester/resources/hydra-maester-rbac.yaml
new file mode 100644
index 0000000..03548b3
--- /dev/null
+++ b/resources/hydra/resources/hydra-maester/resources/hydra-maester-rbac.yaml
@@ -0,0 +1,60 @@
+---
+# Source: hydra/charts/hydra-maester/templates/rbac.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: hydra-maester-account
+---
+# Source: hydra/charts/hydra-maester/templates/rbac.yaml
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: hydra-maester-role
+rules:
+  - apiGroups: ["hydra.ory.sh"]
+    resources: ["oauth2clients", "oauth2clients/status"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+  - apiGroups: [""]
+    resources: ["secrets"]
+    verbs: ["list", "watch", "create"]
+---
+# Source: hydra/charts/hydra-maester/templates/rbac.yaml
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: hydra-maester-role-binding
+subjects:
+  - kind: ServiceAccount
+    name: hydra-maester-account # Service account assigned to the controller pod.
+    namespace: default
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: hydra-maester-role
+---
+# Source: hydra/charts/hydra-maester/templates/rbac.yaml
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: hydra-maester-role
+rules:
+  - apiGroups: [""]
+    resources: ["secrets"]
+    verbs: ["get", "list", "watch", "create"]
+  - apiGroups: ["hydra.ory.sh"]
+    resources: ["oauth2clients", "oauth2clients/status"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+---
+# Source: hydra/charts/hydra-maester/templates/rbac.yaml
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: hydra-maester-role-binding
+subjects:
+  - kind: ServiceAccount
+    name: hydra-maester-account # Service account assigned to the controller pod.
+    namespace:  default
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: hydra-maester-role