diff --git a/pkg/supportbundle/collect.go b/pkg/supportbundle/collect.go
index 87ff2fcfb..5cb19d0f0 100644
--- a/pkg/supportbundle/collect.go
+++ b/pkg/supportbundle/collect.go
@@ -41,6 +41,9 @@ func runHostCollectors(ctx context.Context, hostCollectors []*troubleshootv1beta
 return nil, err
 }
 }
+ if err := saveNodeList(opts, bundlePath); err != nil {
+ return nil, err
+ }
 if err := collectRemoteHost(ctx, collectSpecs, bundlePath, opts, collectedData); err != nil {
 return nil, err
 }
@@ -340,3 +343,29 @@ func getGlobalRedactors(additionalRedactors *troubleshootv1beta2.Redactor) []*tr
 }
 return []*troubleshootv1beta2.Redact{}
 }
+
+func saveNodeList(opts SupportBundleCreateOpts, bundlePath string) error {
+ result := make(collect.CollectorResult)
+
+ clientset, err := kubernetes.NewForConfig(opts.KubernetesRestConfig)
+ if err != nil {
+ return errors.Wrap(err, "failed to create kubernetes clientset to run host collectors in pod")
+ }
+
+ nodeList, err := getNodeList(clientset, opts)
+ if err != nil {
+ return errors.Wrap(err, "failed to get remote node list")
+ }
+
+ nodeListBytes, err := json.MarshalIndent(nodeList, "", " ")
+ if err != nil {
+ return errors.Wrap(err, "failed to marshal remote node list")
+ }
+
+ err = result.SaveResult(bundlePath, constants.NODE_LIST_FILE, bytes.NewBuffer(nodeListBytes))
+ if err != nil {
+ return errors.Wrap(err, "failed to write remote node list")
+ }
+
+ return nil
+}
diff --git a/pkg/supportbundle/rbac.go b/pkg/supportbundle/rbac.go
index 0ed58a9fa..75c049327 100644
--- a/pkg/supportbundle/rbac.go
+++ b/pkg/supportbundle/rbac.go
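Review bot: The new `saveNodeList` call makes any failure to list nodes fatal for runHostCollectors (`return nil, err`) before collectRemoteHost runs, so host collection now aborts as a whole when the node listing is denied or unreachable, where previously only the remote step would have surfaced that. If the node-list file is a supplementary artifact rather than an input collectRemoteHost needs, a logged, non-fatal failure keeps the bundle usable; if it is required, a short comment above the call saying so would stop a future reader from relaxing it. runHostCollectors starts and ends outside this hunk, so whether this path is also taken for local host collectors is not visible here.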
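Review bot: The clientset error on the first `errors.Wrap` in saveNodeList says "failed to create kubernetes clientset to run host collectors in pod", which describes a different call site and will mislead whoever reads a bundle failure; `return errors.Wrap(err, "failed to create kubernetes clientset to save node list")` names what this function is doing. saveNodeList also lacks a doc comment; a line such as `// saveNodeList writes the node list returned by getNodeList into the bundle as constants.NODE_LIST_FILE.` would do. Neither saveNodeList nor getNodeList takes the ctx that runHostCollectors already holds, so the node listing cannot honour cancellation; threading ctx through is worth doing if getNodeList's signature (outside this diff) permits. Depending on what getNodeList returns, the indented JSON may carry full node objects (addresses, labels, annotations), so confirm this file goes through the same redaction pass as the other collected results.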
@@ -34,34 +34,50 @@ func checkRemoteCollectorRBAC(ctx context.Context, clientConfig *rest.Config, ti
 var forbidden []error
- spec := authorizationv1.SelfSubjectAccessReviewSpec{
- ResourceAttributes: &authorizationv1.ResourceAttributes{
- Namespace: namespace,
- Verb: "create,delete",
- Group: "",
- Version: "",
- Resource: "pods,configmap",
- Subresource: "",
- Name: "",
+ resourceAttributesList := []authorizationv1.ResourceAttributes{
+ {
+ Namespace: namespace,
+ Verb: "create",
+ Resource: "pods",
+ },
+ {
+ Namespace: namespace,
+ Verb: "delete",
+ Resource: "pods",
+ },
+ {
+ Verb: "list",
+ Resource: "nodes",
+ },
+ {
+ Namespace: namespace,
+ Verb: "create",
+ Resource: "configmaps",
 },
- NonResourceAttributes: nil,
 }
- sar := &authorizationv1.SelfSubjectAccessReview{
- Spec: spec,
- }
- resp, err := client.AuthorizationV1().SelfSubjectAccessReviews().Create(ctx, sar, metav1.CreateOptions{})
- if err != nil {
- return errors.Wrap(err, "failed to run subject review")
- }
+ for _, resourceAttributes := range resourceAttributesList {
+ spec := authorizationv1.SelfSubjectAccessReviewSpec{
+ ResourceAttributes: &resourceAttributes,
+ }
+
+ sar := &authorizationv1.SelfSubjectAccessReview{
+ Spec: spec,
+ }
+
+ resp, err := client.AuthorizationV1().SelfSubjectAccessReviews().Create(ctx, sar, metav1.CreateOptions{})
+ if err != nil {
+ return errors.Wrap(err, "failed to run subject review")
+ }
- if !resp.Status.Allowed {
- forbidden = append(forbidden, collect.RBACError{
- DisplayName: title,
- Namespace: spec.ResourceAttributes.Namespace,
- Resource: spec.ResourceAttributes.Resource,
- Verb: spec.ResourceAttributes.Verb,
- })
+ if !resp.Status.Allowed {
+ forbidden = append(forbidden, collect.RBACError{
+ DisplayName: title,
+ Namespace: spec.ResourceAttributes.Namespace,
+ Resource: spec.ResourceAttributes.Resource,
+ Verb: spec.ResourceAttributes.Verb,
+ })
+ }
 }
 if len(forbidden) > 0 {
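Review bot: The per-resource list feeding the loop pre-flights only `create`/`delete` on pods, `list` on nodes and `create` on configmaps; if the remote collector also waits on the pods it creates, reads `pods/log` to retrieve results, or deletes its configmap on cleanup, those verbs are not checked and will surface only as failures mid-collection, so the list should presumably mirror every API call collectRemoteHost makes. The RBACError appended for the nodes entry has an empty Namespace, which is correct for a cluster-scoped resource but deserves a one-line comment on that entry (`// nodes are cluster-scoped, so no namespace`) so the asymmetry is not "fixed" later. `ResourceAttributes: &resourceAttributes` takes the address of the range variable; it is only used within the iteration so it is safe here, but with a go.mod before 1.22 linters will flag it and copying to a local first avoids the warning. checkRemoteCollectorRBAC starts and ends outside this hunk.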