diff --git a/charts/beekeeper/Chart.yaml b/charts/beekeeper/Chart.yaml
index 4c52bac..2a769a7 100644
--- a/charts/beekeeper/Chart.yaml
+++ b/charts/beekeeper/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 appVersion: latest
 name: beekeeper
-version: 0.1.1
+version: 0.1.2
 description: Ethereum Swarm Beekeeper Helm chart for Kubernetes
 home: https://swarm.ethereum.org
 icon: https://swarm-guide.readthedocs.io/en/latest/_images/swarm.png
diff --git a/charts/beekeeper/templates/clusterrole.yaml b/charts/beekeeper/templates/clusterrole.yaml
new file mode 100644
index 0000000..4754a87
--- /dev/null
+++ b/charts/beekeeper/templates/clusterrole.yaml
@@ -0,0 +1,82 @@
+{{- if and .Values.serviceAccount.create .Values.serviceAccount.createClusterRole -}}
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ labels:
+{{ include "beekeeper.labels" . | nindent 4 }}
+rules:
+- apiGroups: [""]
+ resources:
+ - services
+ - events
+ - namespaces
+ verbs: ["*"]
+- apiGroups: [""]
+ resources: ["endpoints"]
+ verbs: ["create", "get", "list", "watch", "update"]
+- apiGroups: ["batch"]
+ resources: ["jobs"]
+ verbs: ["get", "list", "watch", "create", "update", "delete"]
+- apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+ resources: ["persistentvolumeclaims"]
+ verbs: ["get", "list", "watch", "create", "update", "delete"]
+- apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get", "list", "watch","update", "delete"]
+- apiGroups: ["apps"]
+ resources: ["statefulsets"]
+ verbs: ["*"]
+- apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+ resources: ["persistentvolumes"]
+ verbs: ["get", "list", "watch", "patch","update"]
+- apiGroups: ["certificates.k8s.io"]
+ resources: ["certificatesigningrequests", "certificatesigningrequests/approval"]
+ verbs: ["get", "delete", "create", "update"]
+- apiGroups: ["certificates.k8s.io"]
+ resources:
+ - "signers"
+ resourceNames:
+ - "kubernetes.io/legacy-unknown"
+ verbs: ["approve"]
+- apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "create", "list", "watch", "update", "delete"]
+- apiGroups: ["admissionregistration.k8s.io"]
+ resources: ["mutatingwebhookconfigurations","validatingwebhookconfigurations"]
+ verbs: ["get", "create", "delete", "update", "patch"]
+- apiGroups: ["pingcap.com"]
+ resources:
+ - podchaos
+ - networkchaos
+ - iochaos
+ - timechaos
+ - kernelchaos
+ - stresschaos
+ verbs: ["*"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ labels:
+{{ include "beekeeper.labels" . | nindent 4 }}
+subjects:
+- kind: ServiceAccount
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ namespace: {{ .Release.Namespace }}
+roleRef:
+ kind: ClusterRole
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ apiGroup: rbac.authorization.k8s.io
+{{- end -}}
\ No newline at end of file
diff --git a/charts/beekeeper/templates/fileretrieval.yaml b/charts/beekeeper/templates/fileretrieval.yaml
index 4fe3088..98b6a58 100644
--- a/charts/beekeeper/templates/fileretrieval.yaml
+++ b/charts/beekeeper/templates/fileretrieval.yaml
@@ -18,6 +18,7 @@ spec:
 spec:
 template:
 spec:
+ serviceAccountName: {{ include "beekeeper.serviceAccountName" . }}
 containers:
 - name: {{ .Chart.Name }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/charts/beekeeper/templates/fileretrievalfull.yaml b/charts/beekeeper/templates/fileretrievalfull.yaml
index f46535d..8532849 100644
--- a/charts/beekeeper/templates/fileretrievalfull.yaml
+++ b/charts/beekeeper/templates/fileretrievalfull.yaml
@@ -18,6 +18,7 @@ spec:
 spec:
 template:
 spec:
+ serviceAccountName: {{ include "beekeeper.serviceAccountName" . }}
 containers:
 - name: {{ .Chart.Name }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/charts/beekeeper/templates/pingpong.yaml b/charts/beekeeper/templates/pingpong.yaml
index 905adbb..ce8b8e0 100644
--- a/charts/beekeeper/templates/pingpong.yaml
+++ b/charts/beekeeper/templates/pingpong.yaml
@@ -18,6 +18,7 @@ spec:
 spec:
 template:
 spec:
+ serviceAccountName: {{ include "beekeeper.serviceAccountName" . }}
 containers:
 - name: {{ .Chart.Name }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/charts/beekeeper/templates/pushsync.yaml b/charts/beekeeper/templates/pushsync.yaml
index ff42214..eee0deb 100644
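Review bot: The ClusterRole lists `secrets` twice, and because RBAC rules are additive the later rule (`get`, `create`, `list`, `watch`, `update`, `delete`) defeats the earlier read-only one and gives the service account write access to every secret in the cluster. Combined with the rules on `mutatingwebhookconfigurations`/`validatingwebhookconfigurations` and `certificatesigningrequests/approval`, a token mounted into any check Job is close to cluster-admin in practice. These rules look carried over from a chaos controller manifest, which I cannot confirm from the diff; if beekeeper does not need them, drop the second `secrets` rule and the webhook and CSR rules, and keep secret access in the namespaced Role only. Separately, `rbac.authorization.k8s.io/v1beta1` is deprecated, so both objects should use `apiVersion: rbac.authorization.k8s.io/v1`.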
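Review bot: `serviceAccountName` is set unconditionally from the `beekeeper.serviceAccountName` helper, but this diff does not touch `_helpers.tpl`, so the helper must already exist and return a usable name (normally `default`) when `serviceAccount.create` is false; otherwise the Job either fails to render or references a missing account. Quoting the value guards against an empty or boolean-looking expansion: `serviceAccountName: {{ include "beekeeper.serviceAccountName" . | quote }}`. Every check Job shares this one account, so enabling `createClusterRole` hands the cluster-wide permissions to all of them. The same line is added in fileretrievalfull.yaml, pingpong.yaml, pushsync.yaml, pushsyncchunks.yaml and retrieval.yaml, and the pod spec continues outside each hunk.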
--- a/charts/beekeeper/templates/pushsync.yaml
+++ b/charts/beekeeper/templates/pushsync.yaml
@@ -18,6 +18,7 @@ spec:
 spec:
 template:
 spec:
+ serviceAccountName: {{ include "beekeeper.serviceAccountName" . }}
 containers:
 - name: {{ .Chart.Name }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/charts/beekeeper/templates/pushsyncchunks.yaml b/charts/beekeeper/templates/pushsyncchunks.yaml
index 0341d6f..04fbd23 100644
--- a/charts/beekeeper/templates/pushsyncchunks.yaml
+++ b/charts/beekeeper/templates/pushsyncchunks.yaml
@@ -18,6 +18,7 @@ spec:
 spec:
 template:
 spec:
+ serviceAccountName: {{ include "beekeeper.serviceAccountName" . }}
 containers:
 - name: {{ .Chart.Name }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/charts/beekeeper/templates/retrieval.yaml b/charts/beekeeper/templates/retrieval.yaml
index 24cb277..fb90e47 100644
--- a/charts/beekeeper/templates/retrieval.yaml
+++ b/charts/beekeeper/templates/retrieval.yaml
@@ -18,6 +18,7 @@ spec:
 spec:
 template:
 spec:
+ serviceAccountName: {{ include "beekeeper.serviceAccountName" . }}
 containers:
 - name: {{ .Chart.Name }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
diff --git a/charts/beekeeper/templates/role.yaml b/charts/beekeeper/templates/role.yaml
new file mode 100644
index 0000000..a006443
--- /dev/null
+++ b/charts/beekeeper/templates/role.yaml
@@ -0,0 +1,59 @@
+{{- if and .Values.serviceAccount.create .Values.serviceAccount.createRole -}}
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ namespace: {{ .Release.Namespace }}
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ labels:
+{{ include "beekeeper.labels" . | nindent 4 }}
+rules:
+- apiGroups: [""]
+ resources:
+ - services
+ - events
+ - namespaces
+ verbs: ["*"]
+- apiGroups: [""]
+ resources: ["endpoints"]
+ verbs: ["create", "get", "list", "watch", "update"]
+- apiGroups: ["batch"]
+ resources: ["jobs"]
+ verbs: ["get", "list", "watch", "create", "update", "delete"]
+- apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "list", "watch"]
+- apiGroups: [""]
+ resources: ["persistentvolumeclaims"]
+ verbs: ["get", "list", "watch", "create", "update", "delete"]
+- apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get", "list", "watch","update", "delete"]
+- apiGroups: ["apps"]
+ resources: ["statefulsets"]
+ verbs: ["*"]
+- apiGroups: ["pingcap.com"]
+ resources:
+ - podchaos
+ - networkchaos
+ - iochaos
+ - timechaos
+ - kernelchaos
+ - stresschaos
+ verbs: ["*"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ namespace: {{ .Release.Namespace }}
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ labels:
+{{ include "beekeeper.labels" . | nindent 4 }}
+subjects:
+- kind: ServiceAccount
+ name: {{ include "beekeeper.serviceAccountName" . }}
+roleRef:
+ kind: Role
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ apiGroup: rbac.authorization.k8s.io
+{{- end -}}
\ No newline at end of file
diff --git a/charts/beekeeper/templates/serviceaccount.yaml b/charts/beekeeper/templates/serviceaccount.yaml
new file mode 100644
index 0000000..8fa547c
--- /dev/null
+++ b/charts/beekeeper/templates/serviceaccount.yaml
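Review bot: The RoleBinding's `ServiceAccount` subject has no `namespace`, unlike the ClusterRoleBinding in clusterrole.yaml; the RBAC API requires a namespace on subjects of kind ServiceAccount, so this binding is likely to be rejected at install time. Add `namespace: {{ .Release.Namespace }}` under the subject's `name:`. The Role also grants `verbs: ["*"]` on `services`, `events`, `namespaces` and `statefulsets`; listing the verbs the checks actually use would make the grant reviewable and keep it from widening silently when new verbs are introduced.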
@@ -0,0 +1,10 @@
+{{- if .Values.serviceAccount.create -}}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ .Release.Namespace }}
+ name: {{ include "beekeeper.serviceAccountName" . }}
+ labels:
+{{ include "beekeeper.labels" . | nindent 4 }}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/beekeeper/values.yaml b/charts/beekeeper/values.yaml
index b539ab9..a2102ee 100644
--- a/charts/beekeeper/values.yaml
+++ b/charts/beekeeper/values.yaml
@@ -7,6 +7,16 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" +serviceAccount: + ## Specifies whether a service account should be created + create: false + ## Name of the service account to use + ## if not set and create is true, a name is generated using the fullname template + name: + ## create role or/and cluster role for the service account + createRole: false + createClusterRole: false + nodeSelector: {} beeCluster:
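Review bot: `name:` under `serviceAccount` is a bare key, which parses as null rather than an empty string; `name: ""` matches `nameOverride` and `fullnameOverride` above and keeps the helper's emptiness check predictable. The comment above `createRole`/`createClusterRole` should also say what the cluster-wide option grants, for example `## createClusterRole binds cluster-wide access to secrets, webhook configurations and CSR approval; leave false unless required`. Defaulting all three flags to `false` is the right choice and should stay.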