@sergsoares
Created July 14, 2022 18:23
Create a ClusterRole but bind it with RoleBindings, so access is granted in only 2 specific namespaces (a ClusterRoleBinding would grant it in all namespaces).
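apiVersion: v1
kind: ServiceAccount
metadata:
  name: myapp
  namespace: mynamespace
---
# ClusterRole is cluster-scoped, so it takes no metadata.namespace.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: myapp
rules:
  # Each rule must name the API group that serves its resources.
  - apiGroups: [""]  # core API group
    resources:
      - "secrets"
      - "pods"
      - "configmaps"
      - "services"
    verbs: ["*"]
  - apiGroups: ["apps"]
    resources:
      - "deployments"
      - "replicasets"
    verbs: ["*"]
  - apiGroups: ["autoscaling"]
    resources:
      - "horizontalpodautoscalers"
    verbs: ["*"]
  - apiGroups: ["networking.k8s.io"]
    resources:
      - "ingresses"
    verbs: ["*"]
---
# RoleBinding: grants the ClusterRole's rules only inside mynamespace.
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: myapp
  namespace: mynamespace
subjects:
  - kind: ServiceAccount
    name: myapp
    namespace: mynamespace
roleRef:
  kind: ClusterRole
  name: myapp
  apiGroup: rbac.authorization.k8s.io
---
# Second RoleBinding: grants the same rules only inside the default namespace.
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: myapp
  namespace: default
subjects:
  - kind: ServiceAccount
    name: myapp
    # Namespace where the ServiceAccount lives (it is created in mynamespace above).
    namespace: mynamespace
roleRef:
  kind: ClusterRole
  name: myapp
  apiGroup: rbac.authorization.k8s.io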
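
A simplified offline model of how RBAC scopes a ClusterRole through RoleBindings versus a ClusterRoleBinding, added here as an example and not part of the original gist. The `Rule` and `Binding` types, the `allowed()` helper and the sample data are constructed for illustration and reuse the manifest's names; the model also shows that a rule listing only the core group `""` does not match `deployments`, which the `apps` group serves.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    api_groups: tuple
    resources: tuple
    verbs: tuple

@dataclass(frozen=True)
class Binding:
    role: str                 # name of the referenced ClusterRole
    subject: str              # "system:serviceaccount:<namespace>:<name>"
    namespace: Optional[str]  # RoleBinding namespace; None models a ClusterRoleBinding

def _match(values, wanted):
    return "*" in values or wanted in values

def allowed(roles, bindings, user, verb, group, resource, namespace):
    """Return True if any binding for `user` grants the request in `namespace`."""
    for b in bindings:
        if b.subject != user:
            continue
        # A RoleBinding applies the role's rules only inside its own namespace.
        if b.namespace is not None and b.namespace != namespace:
            continue
        for r in roles[b.role]:
            if (_match(r.api_groups, group) and _match(r.resources, resource)
                    and _match(r.verbs, verb)):
                return True
    return False  # RBAC denies by default

# Constructed sample data using the manifest's names.
SA = "system:serviceaccount:mynamespace:myapp"
ROLES = {"myapp": [
    Rule(("",), ("secrets", "pods", "configmaps", "services"), ("*",)),
    Rule(("apps",), ("deployments", "replicasets"), ("*",)),
]}
ROLE_BINDINGS = [Binding("myapp", SA, "mynamespace"), Binding("myapp", SA, "default")]
CLUSTER_BINDING = [Binding("myapp", SA, None)]
# A single rule under the core group "" never matches apps/deployments.
CORE_ONLY = {"myapp": [Rule(("",), ("pods", "deployments"), ("*",))]}

if __name__ == "__main__":
    for ns in ("mynamespace", "default", "kube-system"):
        print(ns, allowed(ROLES, ROLE_BINDINGS, SA, "get", "", "secrets", ns),
              allowed(ROLES, CLUSTER_BINDING, SA, "get", "", "secrets", ns))
```

On a live cluster the equivalent check is `kubectl auth can-i get secrets -n <namespace> --as=system:serviceaccount:mynamespace:myapp`.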