diff --git a/chart/keel/README.md b/chart/keel/README.md index 0e9ed83a..3107161a 100644 --- a/chart/keel/README.md +++ b/chart/keel/README.md @@ -106,6 +106,7 @@ The following table lists has the main configurable parameters (polling, trigger | `webhookRelay.key` | WebhookRelay key | | | `webhookRelay.secret` | WebhookRelay secret | | | `webhookRelay.bucket` | WebhookRelay bucket | | +| `rbac.enabled` | Enable/disable RBAC installation | `false` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. diff --git a/chart/keel/templates/clusterrole.yaml b/chart/keel/templates/clusterrole.yaml new file mode 100644 index 00000000..6c94c30a --- /dev/null +++ b/chart/keel/templates/clusterrole.yaml @@ -0,0 +1,39 @@ +{{- if .Values.rbac.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "name" . }} +rules: + - apiGroups: + - "" + resources: + - namespaces + verbs: + - watch + - list + - apiGroups: + - "" + - extensions + - apps + resources: + - pods + - replicasets + - replicationcontrollers + - statefulsets + - deployments + - daemonsets + - jobs + verbs: + - get + - watch + - list + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - create + - update +{{ end }} diff --git a/chart/keel/templates/clusterrolebinding.yaml b/chart/keel/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..1c3f60d0 --- /dev/null +++ b/chart/keel/templates/clusterrolebinding.yaml @@ -0,0 +1,14 @@ +{{- if .Values.rbac.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "name" . }} +subjects: + - kind: ServiceAccount + name: {{ template "name" . }} + namespace: kube-system +{{ end }} diff --git a/chart/keel/templates/deployment.yaml b/chart/keel/templates/deployment.yaml index 95dd56a2..c04075f7 100644 
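Review bot: In clusterrole.yaml the second rule lists `jobs` under the API groups `""`, `extensions` and `apps`, but Jobs are served from the `batch` group, so on current clusters this rule most likely grants nothing for them. Add `- batch` to that rule's `apiGroups` if job access is intended, otherwise drop `jobs`. The third rule grants `get`/`create`/`update` on ConfigMaps in every namespace. If Keel only keeps its own state in ConfigMaps in its install namespace (not visible from this diff), a namespaced Role and RoleBinding would cover that with far less reach. A comment above `rules:` such as `# cluster-wide: lets Keel update workloads in any namespace` would tell operators what `rbac.enabled` hands out.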
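Review bot: The subject in clusterrolebinding.yaml hard-codes `namespace: kube-system`, so a release installed into any other namespace binds the ClusterRole to a service account the pod is not running as, and Keel ends up with no permissions. Use `namespace: {{ .Release.Namespace }}` instead. The ClusterRole and ClusterRoleBinding are cluster-scoped and both take their name from `{{ template "name" . }}`. If that helper does not include the release name (its definition is outside this diff), two releases of the chart will collide on these objects.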
--- a/chart/keel/templates/deployment.yaml +++ b/chart/keel/templates/deployment.yaml @@ -8,8 +8,6 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} - annotations: - kubernetes.io/service-account.name: keel spec: replicas: 1 template: @@ -17,6 +15,7 @@ spec: labels: app: {{ template "name" . }} spec: + serviceAccountName: {{ template "name" . }} containers: - name: keel image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" diff --git a/chart/keel/values.yaml b/chart/keel/values.yaml index 5b7010af..716cd6b2 100644 --- a/chart/keel/values.yaml +++ b/chart/keel/values.yaml @@ -73,6 +73,10 @@ keel: - repository: image.repository tag: image.tag +# RBAC manifests management +rbac: + enabled: false + # Resources resources: limits:
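Review bot: In the second deployment.yaml hunk, `serviceAccountName: {{ template "name" . }}` is set unconditionally, but this diff adds no ServiceAccount template, and the annotation removed in the first hunk referred to the fixed name `keel`. If the chart does not already create a ServiceAccount with the templated name in the release namespace, pod creation will be rejected, including with the default `rbac.enabled: false`. Confirm an existing template creates it under the same name, or add one alongside these manifests. The pod spec continues outside the hunk.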