diff --git a/templates/deployment.yaml b/templates/deployment.yaml
index dff79cb..dbf8648 100644
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@@ -40,6 +40,7 @@ spec:
       {{- if or (eq .Values.serviceAccount.create true) (ne .Values.serviceAccount.name "") }}
       serviceAccountName: {{ .Values.serviceAccount.name | default (include "docker-registry.fullname" .) }}
       {{- end }}
+      automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
       {{- if .Values.imagePullSecrets }}
       imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
       {{- end }}
diff --git a/templates/serviceaccount.yaml b/templates/serviceaccount.yaml
index 6cef434..2fd20d8 100644
--- a/templates/serviceaccount.yaml
+++ b/templates/serviceaccount.yaml
@@ -1,6 +1,7 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
 metadata:
   labels:
     app: {{ template "docker-registry.name" . }}
diff --git a/values.yaml b/values.yaml
index 4bdab45..a3161df 100644
--- a/values.yaml
+++ b/values.yaml
@@ -12,10 +12,13 @@ updateStrategy: {}
 podAnnotations: {}
 podLabels: {}
 
+automountServiceAccountToken: false
+
 serviceAccount:
   create: false
   name: ""
   annotations: {}
+  automountServiceAccountToken: false
 
 image:
   repository: registry
@@ -177,6 +180,8 @@ securityContext:
   sysctls: []
   supplementalGroups: []
   fsGroup: 1000
+  seccompProfile:
+    type: RuntimeDefault
 
 priorityClassName: ""