diff --git a/pkg/amphoracontrollers/daemonset.go b/pkg/amphoracontrollers/daemonset.go
index f1ab0046..5c1bed4f 100644
--- a/pkg/amphoracontrollers/daemonset.go
+++ b/pkg/amphoracontrollers/daemonset.go
@@ -147,6 +147,7 @@ func DaemonSet(
 					},
 					TerminationGracePeriodSeconds: &terminationGracePeriodSeconds,
 					ServiceAccountName:            instance.Spec.ServiceAccount,
+					AutomountServiceAccountToken:  ptr.To(false),
 					Containers: []corev1.Container{
 						{
 							Name:            serviceName,
diff --git a/pkg/octavia/dbsync.go b/pkg/octavia/dbsync.go
index c167b9ae..aa59b16a 100644
--- a/pkg/octavia/dbsync.go
+++ b/pkg/octavia/dbsync.go
@@ -68,8 +68,9 @@ func DbSyncJob(
 					SecurityContext: &corev1.PodSecurityContext{
 						FSGroup: ptr.To(OctaviaUID),
 					},
-					RestartPolicy:      corev1.RestartPolicyOnFailure,
-					ServiceAccountName: instance.RbacResourceName(),
+					RestartPolicy:                corev1.RestartPolicyOnFailure,
+					ServiceAccountName:           instance.RbacResourceName(),
+					AutomountServiceAccountToken: ptr.To(false),
 					Containers: []corev1.Container{
 						{
 							Name:            ServiceName + "-db-sync",
diff --git a/pkg/octavia/image_upload_deployment.go b/pkg/octavia/image_upload_deployment.go
index 81752635..785ca96a 100644
--- a/pkg/octavia/image_upload_deployment.go
+++ b/pkg/octavia/image_upload_deployment.go
@@ -23,6 +23,7 @@ import (
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/utils/ptr"
 )
 
 type ImageUploadDetails struct {
@@ -107,7 +108,8 @@ func ImageUploadDeployment(
 					Labels: labels,
 				},
 				Spec: corev1.PodSpec{
-					ServiceAccountName: instance.RbacResourceName(),
+					ServiceAccountName:           instance.RbacResourceName(),
+					AutomountServiceAccountToken: ptr.To(false),
 					Containers: []corev1.Container{
 						{
 							Name: "octavia-amphora-httpd",
diff --git a/pkg/octaviaapi/deployment.go b/pkg/octaviaapi/deployment.go
index e8d6e078..3575d6cc 100644
--- a/pkg/octaviaapi/deployment.go
+++ b/pkg/octaviaapi/deployment.go
@@ -158,7 +158,8 @@ func Deployment(
 					SecurityContext: &corev1.PodSecurityContext{
 						FSGroup: ptr.To(octavia.OctaviaUID),
 					},
-					ServiceAccountName: instance.Spec.ServiceAccount,
+					ServiceAccountName:           instance.Spec.ServiceAccount,
+					AutomountServiceAccountToken: ptr.To(false),
 					Containers: []corev1.Container{
 						{
 							Name: serviceName,
diff --git a/pkg/octaviarsyslog/daemonset.go b/pkg/octaviarsyslog/daemonset.go
index a5ede1e5..1163c52d 100644
--- a/pkg/octaviarsyslog/daemonset.go
+++ b/pkg/octaviarsyslog/daemonset.go
@@ -103,7 +103,8 @@ func DaemonSet(
 					Labels:      labels,
 				},
 				Spec: corev1.PodSpec{
-					ServiceAccountName: instance.Spec.ServiceAccount,
+					ServiceAccountName:           instance.Spec.ServiceAccount,
+					AutomountServiceAccountToken: ptr.To(false),
 					Containers: []corev1.Container{
 						{
 							Name:           serviceName,
diff --git a/tests/kuttl/common/assert_sample_deployment.yaml b/tests/kuttl/common/assert_sample_deployment.yaml
index d7001f6d..38832269 100644
--- a/tests/kuttl/common/assert_sample_deployment.yaml
+++ b/tests/kuttl/common/assert_sample_deployment.yaml
@@ -98,6 +98,7 @@ spec:
                   - octavia-api
               topologyKey: kubernetes.io/hostname
             weight: 100
+      automountServiceAccountToken: false
       containers:
       - args:
         - -c