diff --git a/open-policy-agent/README.md b/open-policy-agent/README.md
index 34a5086..04d3f5f 100644
--- a/open-policy-agent/README.md
+++ b/open-policy-agent/README.md
@@ -21,7 +21,7 @@ Policy  | Description | Prerequisites
 [delete-kubeadmin](./authentication-user-management/delete-kubeadmin) | Validates the removal of the kubeadmin temporary user |
 [shorten-tokens](./authentication-user-management/shorten-tokens) | Validate that tokens are shorter than the defined lifespan period |
 [oauth-secured-identity-providers-only](./authentication-user-management/oauth-secured-identity-providers-only) | Ensures that only secured identityProviders are allowed in the cluster |
-[disallow-anonymous-users](./authentication/disallow-anonymous-users) | Ensures there are no anonymous users associated with any ClusterRole |
+[disallow-anonymous-users](./authentication/disallow-anonymous-users) | Ensures there are no anonymous users associated with any ClusterRole / Role |
 
 ### Authorization
 Policy  | Description | Prerequisites
diff --git a/open-policy-agent/authentication-user-management/disallow-anonymous-users/README.md b/open-policy-agent/authentication-user-management/disallow-anonymous-users/README.md
index a5e0ee5..0af6a9d 100644
--- a/open-policy-agent/authentication-user-management/disallow-anonymous-users/README.md
+++ b/open-policy-agent/authentication-user-management/disallow-anonymous-users/README.md
@@ -1,8 +1,8 @@
 # Disallow Anonymous Authentication
 
-The policy disallows associating the `system:anonymous` User and `system:unauthenticated` Group with any ClusterRole in the cluster.
+The policy disallows associating the `system:anonymous` User and `system:unauthenticated` Group with any ClusterRole / Role in the cluster.
 
-Associating unauthenticated users with ClusterRoles in the cluster may open a doorway for potential attacks. The unauthenticated users are not provided via an authorized identity provider, thereby, not secure.
+Associating unauthenticated users with ClusterRoles / Roles in the cluster may open a doorway for potential attacks. The unauthenticated users are not provided via an authorized identity provider, thereby, not secure.
 
 `This policy has been tested on openshift cluster & oc client version 4.8.4`
 
diff --git a/open-policy-agent/authentication-user-management/disallow-anonymous-users/constraint.yaml b/open-policy-agent/authentication-user-management/disallow-anonymous-users/constraint.yaml
index ba1e308..168cbf5 100644
--- a/open-policy-agent/authentication-user-management/disallow-anonymous-users/constraint.yaml
+++ b/open-policy-agent/authentication-user-management/disallow-anonymous-users/constraint.yaml
@@ -7,4 +7,6 @@ spec:
   match:
     kinds:
       - apiGroups: ["rbac.authorization.k8s.io"]
-        kinds: ["ClusterRoleBinding"]
\ No newline at end of file
+        kinds: ["ClusterRoleBinding"]
+      - apiGroups: ["rbac.authorization.k8s.io"]
+        kinds: ["RoleBinding"]
\ No newline at end of file
diff --git a/open-policy-agent/authentication-user-management/disallow-anonymous-users/template.yaml b/open-policy-agent/authentication-user-management/disallow-anonymous-users/template.yaml
index ddf0d27..e9e1c41 100644
--- a/open-policy-agent/authentication-user-management/disallow-anonymous-users/template.yaml
+++ b/open-policy-agent/authentication-user-management/disallow-anonymous-users/template.yaml
@@ -14,15 +14,12 @@ spec:
       rego: |
         package k8sdisallowanonymous
         violation[{"msg": msg}] {
-          input.review.object.kind == "ClusterRoleBinding"
           review(input.review.object.subjects[_])
-          msg := sprintf("Unauthenticated user is not allowed in ClusterRoleBinding %v ", [input.review.object.metadata.name])
+          msg := sprintf("Unauthenticated user reference is not allowed in %v %v ", [input.review.object.kind, input.review.object.metadata.name])
         }
-
         review(subject) = true {
           subject.name == "system:unauthenticated"
         }
-
         review(subject) = true {
           subject.name == "system:anonymous"
-        }
\ No newline at end of file
+        }   
\ No newline at end of file
diff --git a/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/README.md b/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/README.md
index d64347a..8397e4d 100644
--- a/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/README.md
+++ b/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/README.md
@@ -1,7 +1,7 @@
 # Disallow Anonymous Authentication
 
-The policy disallows associating the `system:anonymous` User and `system:unauthenticated` Group with any ClusterRole in the cluster.
+The policy disallows associating the `system:anonymous` User and `system:unauthenticated` Group with any ClusterRole / Role in the cluster.
 
-Associating unauthenticated users with ClusterRoles in the cluster may open a doorway for potential attacks. The unauthenticated users are not provided via an authorized identity provider, thereby, not secure.
+Associating unauthenticated users with ClusterRoles / Roles in the cluster may open a doorway for potential attacks. The unauthenticated users are not provided via an authorized identity provider, thereby, not secure.
 
 The policy uses the next [Gatekeeper policy](../../../open-policy-agent/authentication-user-management/disallow-anonymous-users/) in order to function.
diff --git a/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/gatekeeper-disallow-anonymous-auth.yaml b/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/gatekeeper-disallow-anonymous-auth.yaml
index 0af8ce9..f7fac21 100644
--- a/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/gatekeeper-disallow-anonymous-auth.yaml
+++ b/redhat-acm/authentication-user-management/gatekeeper-disallow-anonymous-auth/gatekeeper-disallow-anonymous-auth.yaml
@@ -1,4 +1,3 @@
----
 apiVersion: policy.open-cluster-management.io/v1
 kind: Policy
 metadata:
@@ -38,9 +37,8 @@ spec:
                       rego: |
                         package k8sdisallowanonymous
                         violation[{"msg": msg}] {
-                          input.review.object.kind == "ClusterRoleBinding"
                           review(input.review.object.subjects[_])
-                          msg := sprintf("Unauthenticated user is not allowed in ClusterRoleBinding %v ", [input.review.object.metadata.name])
+                          msg := sprintf("Unauthenticated user reference is not allowed in %v %v ", [input.review.object.kind, input.review.object.metadata.name])
                         }
 
                         review(subject) = true {
@@ -62,6 +60,8 @@ spec:
                     kinds:
                       - apiGroups: ["rbac.authorization.k8s.io"]
                         kinds: ["ClusterRoleBinding"]
+                      - apiGroups: ["rbac.authorization.k8s.io"]
+                        kinds: ["RoleBinding"]
     - objectDefinition:
         apiVersion: policy.open-cluster-management.io/v1
         kind: ConfigurationPolicy
@@ -123,4 +123,4 @@ spec:
       type: ManagedClusterConditionAvailable
   clusterSelector:
     matchExpressions:
-      - { key: environment, operator: In, values: ["dev"] }
+      - { key: environment, operator: In, values: ["dev"] }
\ No newline at end of file