diff --git a/charts/mlrun-ce/Chart.yaml b/charts/mlrun-ce/Chart.yaml
index 7129a582..657e54db 100644
--- a/charts/mlrun-ce/Chart.yaml
+++ b/charts/mlrun-ce/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v1
-version: 0.6.3-rc5
+version: 0.6.3-rc6
 name: mlrun-ce
 description: MLRUn Open Source Stack
 home: https://iguazio.com
diff --git a/charts/mlrun-ce/templates/jupyter-notebook/deployment.yaml b/charts/mlrun-ce/templates/jupyter-notebook/deployment.yaml
index b041808a..3dc27524 100644
--- a/charts/mlrun-ce/templates/jupyter-notebook/deployment.yaml
+++ b/charts/mlrun-ce/templates/jupyter-notebook/deployment.yaml
@@ -15,8 +15,8 @@ spec:
       labels:
         {{- include "mlrun-ce.jupyter.selectorLabels" . | nindent 8 }}
     spec:
-{{- if  .Values.jupyterNotebook.serviceAccount }}
-      serviceAccount: {{ .Values.jupyterNotebook.serviceAccount }}
+{{- if  .Values.jupyterNotebook.serviceAccount.name }}
+      serviceAccount: {{ .Values.jupyterNotebook.serviceAccount.name }}
 {{- end }}
       securityContext:
         runAsUser: 1000
diff --git a/charts/mlrun-ce/templates/jupyter-notebook/role-binding.yaml b/charts/mlrun-ce/templates/jupyter-notebook/role-binding.yaml
new file mode 100644
index 00000000..edc78feb
--- /dev/null
+++ b/charts/mlrun-ce/templates/jupyter-notebook/role-binding.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.jupyterNotebook.enabled -}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: jupyter-role-binding
+subjects:
+  - kind: ServiceAccount
+    name: {{ .Values.jupyterNotebook.serviceAccount.name }}
+roleRef:
+  kind: Role
+  name: jupyter-role
+  apiGroup: rbac.authorization.k8s.io
+{{- end -}}
diff --git a/charts/mlrun-ce/templates/jupyter-notebook/role.yaml b/charts/mlrun-ce/templates/jupyter-notebook/role.yaml
new file mode 100644
index 00000000..06d18fdb
--- /dev/null
+++ b/charts/mlrun-ce/templates/jupyter-notebook/role.yaml
@@ -0,0 +1,51 @@
+{{- if .Values.jupyterNotebook.enabled -}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: jupyter-role
+rules:
+  - apiGroups:
+    - ""
+    resources:
+    - pods
+    verbs:
+    - get
+    - list
+    - watch
+    - create
+    - delete
+  - apiGroups:
+    - ""
+    resources:
+    - pods/log
+    verbs:
+    - get
+    - list
+  - apiGroups:
+    - metrics.k8s.io
+    resources:
+    - pods
+    verbs:
+    - list
+    - get
+  - apiGroups:
+    - ""
+    resources:
+    - services
+    verbs:
+    - list
+    - get
+  - apiGroups:
+    - extensions
+    resources:
+    - ingresses
+    verbs:
+    - list
+    - get
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - create
+{{- end -}}
diff --git a/charts/mlrun-ce/templates/jupyter-notebook/serviceaccount.yaml b/charts/mlrun-ce/templates/jupyter-notebook/serviceaccount.yaml
new file mode 100644
index 00000000..7a68a410
--- /dev/null
+++ b/charts/mlrun-ce/templates/jupyter-notebook/serviceaccount.yaml
@@ -0,0 +1,6 @@
+{{- if .Values.jupyterNotebook.serviceAccount.create -}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.jupyterNotebook.serviceAccount.name }}
+{{- end -}}
diff --git a/charts/mlrun-ce/values.yaml b/charts/mlrun-ce/values.yaml
index 2e6b786c..ba77183f 100644
--- a/charts/mlrun-ce/values.yaml
+++ b/charts/mlrun-ce/values.yaml
@@ -147,7 +147,10 @@ mlrun:
     mode: full
 
 jupyterNotebook:
-  awsInstall: false
+  serviceAccount:
+    create: true
+    name: mlrun-jupyter
+  awsInstall: false 
   fullnameOverride: mlrun-jupyter
   name: jupyter-notebook
   enabled: true