diff --git a/src/main/kotlin/kr/co/vividnext/sodalive/admin/audition/role/AdminAuditionRoleController.kt b/src/main/kotlin/kr/co/vividnext/sodalive/admin/audition/role/AdminAuditionRoleController.kt
index f13a248..947f132 100644
--- a/src/main/kotlin/kr/co/vividnext/sodalive/admin/audition/role/AdminAuditionRoleController.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/admin/audition/role/AdminAuditionRoleController.kt
@@ -2,6 +2,7 @@ package kr.co.vividnext.sodalive.admin.audition.role
 
 import kr.co.vividnext.sodalive.common.ApiResponse
 import org.springframework.data.domain.Pageable
+import org.springframework.security.access.prepost.PreAuthorize
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PathVariable
 import org.springframework.web.bind.annotation.PostMapping
@@ -12,6 +13,7 @@ import org.springframework.web.bind.annotation.RestController
 import org.springframework.web.multipart.MultipartFile
 
 @RestController
+@PreAuthorize("hasRole('ADMIN')")
 @RequestMapping("/admin/audition/role")
 class AdminAuditionRoleController(private val service: AdminAuditionRoleService) {
     @PostMapping