diff --git a/charts/vaultwarden/Chart.yaml b/charts/vaultwarden/Chart.yaml
index 84f324c..2cf7161 100644
--- a/charts/vaultwarden/Chart.yaml
+++ b/charts/vaultwarden/Chart.yaml
@@ -13,5 +13,5 @@ maintainers:
 - name: guerzon
 email: guerzon@proton.me
 url: https://github.com/guerzon
-version: 0.18.1
+version: 0.18.2
 kubeVersion: ">=1.12.0-0"
diff --git a/charts/vaultwarden/templates/_podSpec.tpl b/charts/vaultwarden/templates/_podSpec.tpl
index 2b77bac..e83fd10 100644
--- a/charts/vaultwarden/templates/_podSpec.tpl
+++ b/charts/vaultwarden/templates/_podSpec.tpl
@@ -11,6 +11,10 @@ affinity:
 tolerations:
 {{- toYaml . | nindent 8 }}
 {{- end }}
+{{- with .Values.podSecurityContext }}
+securityContext:
+ {{- toYaml . | nindent 8 }}
+{{- end }}
 {{- with .Values.initContainers }}
 initContainers:
 {{- toYaml . | nindent 8 }}
diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml
index c24a826..35bd5bd 100644
--- a/charts/vaultwarden/values.yaml
+++ b/charts/vaultwarden/values.yaml
@@ -253,7 +253,23 @@ startupProbe:
 ## failureThreshold: 10
+## Pod security options
+podSecurityContext: {}
+ # fsGroup: 1001
+ # supplementalGroups:
+ # - 1001
+
+## Default security options to run vault as read only container without privilege escalation
 securityContext: {}
+ # allowPrivilegeEscalation: false
+ # privileged: false
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsGroup: 1001
+ # runAsUser: 1001
+ # capabilities:
+ # drop:
+ # - ALL
 ## Service configuration
 service:
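Review bot: The `securityContext:` key added to `_podSpec.tpl` is pod-level and fed from `.Values.podSecurityContext`, while the chart also has a `securityContext` value (see the values.yaml hunk) that is presumably applied per container; nothing in the template says which is which. A one-line template comment above the `with`, such as `{{- /* Pod-level securityContext (fsGroup, supplementalGroups); container-level settings come from .Values.securityContext */ -}}`, would keep the two from being confused. The pod spec definition starts and ends outside this hunk, so the container-level wiring cannot be checked from here.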
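Review bot: The comment added above `securityContext: {}` in values.yaml reads "Default security options to run vault as read only container without privilege escalation", but the value stays `{}` and every hardening field below it is commented out, so a default install applies none of them. Either ship the block enabled, or reword the comment to say what actually happens, e.g. `## Container security options (none applied by default; uncomment to harden)`. If the hardened values are turned on, `runAsUser: 1001` presumably needs the data volume to be writable by that UID/GID, which is what the commented `fsGroup: 1001` under `podSecurityContext` would provide; a comment such as `# enable together with podSecurityContext.fsGroup so the data volume stays writable` would make that dependency explicit. Whether the image runs correctly with `readOnlyRootFilesystem: true` is not visible in this diff and should be confirmed before making it the default.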