3 files changed, 10 insertions, 0 deletions

diff --git a/kubernetes/common/certInitializer/Chart.yaml b/kubernetes/common/certInitializer/Chart.yaml
index e1bb478d8a..d70b1de52b 100644
--- a/kubernetes/common/certInitializer/Chart.yaml
+++ b/kubernetes/common/certInitializer/Chart.yaml
@@ -29,3 +29,6 @@ dependencies:
   - name: repositoryGenerator
     version: ~13.x-0
     repository: 'file://../repositoryGenerator'
+  - name: serviceAccount
+    version: ~13.x-0
+    repository: '@local'
diff --git a/kubernetes/common/certInitializer/templates/job.yaml b/kubernetes/common/certInitializer/templates/job.yaml
index 84a3e87098..3120455300 100644
--- a/kubernetes/common/certInitializer/templates/job.yaml
+++ b/kubernetes/common/certInitializer/templates/job.yaml
@@ -36,6 +36,7 @@ spec:
         volumeMounts: {{ include "common.certInitializer.volumeMount" (dict "dot" . "initRoot" .Values) | nindent 8 }}
         - name: ingress-scripts
           mountPath: /ingress
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "common.certInitializer.volumes" (dict "dot" . "initRoot" .Values) | nindent 6 }}
       - name: localtime
         hostPath:
diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
index 747c94f4d1..0fde2cf532 100644
--- a/kubernetes/common/certInitializer/values.yaml
+++ b/kubernetes/common/certInitializer/values.yaml
@@ -70,3 +70,9 @@ envVarToCheck: cadi_keystore_password_p12
 # We had to move this CM to a separate chart to reduce the total size of our charts
 # as it exceeds the default helm limits.
 certsCMName: '{{ include "common.release" . }}-cert-wrapper-certs'
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: certinitializer
+  roles:
+    - read
\ No newline at end of file