diff --git a/examples/rbac/nginx/README.md b/examples/rbac/nginx/README.md
index 3fee21b69..2ba899907 100644
--- a/examples/rbac/nginx/README.md
+++ b/examples/rbac/nginx/README.md
@@ -37,6 +37,7 @@ able to function as an ingress across the cluster.  These permissions are
 granted to the ClusterRole named `nginx-ingress-clusterrole`
 
 * `configmaps`, `endpoints`, `nodes`, `pods`, `secrets`: list, watch
+* `nodes`: get
 * `services`, `ingresses`: get, list, watch
 * `events`: create, patch
 * `ingresses/status`: update
diff --git a/examples/rbac/nginx/nginx-ingress-controller-rbac.yml b/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
index 87f97b58d..a3e534ac5 100644
--- a/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
+++ b/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
@@ -25,6 +25,12 @@ rules:
     verbs:
       - list
       - watch
+  - apiGroups:
+      - ""
+    resources:
+      - nodes
+    verbs:
+      - get
   - apiGroups:
       - ""
     resources: