diff --git a/deploy/201-role-webhook.yaml b/deploy/201-role-webhook.yaml
deleted file mode 100644
index b0aaff01ad..0000000000
--- a/deploy/201-role-webhook.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: shipwright-build-webhook
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - pods
-  - events
-  - configmaps
-  - secrets
-  - limitranges
-  - namespaces
-  - services
-  verbs:
-  - '*'
-- apiGroups:
-  - admissionregistration.k8s.io
-  - admissionregistration.k8s.io/v1beta1
-  resources:
-  - validatingwebhookconfigurations
-  verbs:
-  - '*'
diff --git a/deploy/301-rolebinding-webhook.yaml b/deploy/301-rolebinding-webhook.yaml
deleted file mode 100644
index 68ae485559..0000000000
--- a/deploy/301-rolebinding-webhook.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: shipwright-build-webhook
-  namespace: shipwright-build
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: shipwright-build-webhook
-subjects:
-- kind: ServiceAccount
-  name: shipwright-build-webhook
-  namespace: shipwright-build
\ No newline at end of file
diff --git a/deploy/700-deployment-webhook.yaml b/deploy/700-deployment-webhook.yaml
index 4138ebdfc7..821c0a1d58 100644
--- a/deploy/700-deployment-webhook.yaml
+++ b/deploy/700-deployment-webhook.yaml
@@ -22,6 +22,7 @@ spec:
       labels:
         name: shp-build-webhook
     spec:
+      automountServiceAccountToken: false
       securityContext:
         runAsNonRoot: true
       serviceAccountName: shipwright-build-webhook