diff --git a/scanner/k8s-assets/chart/k8s-assets-scanner/templates/cronjob.yaml b/scanner/k8s-assets/chart/k8s-assets-scanner/templates/cronjob.yaml
index 8f2b0933..fb02e38f 100644
--- a/scanner/k8s-assets/chart/k8s-assets-scanner/templates/cronjob.yaml
+++ b/scanner/k8s-assets/chart/k8s-assets-scanner/templates/cronjob.yaml
@@ -11,6 +11,7 @@ spec:
     spec:
       template:
         spec:
+          serviceAccountName: {{ include "k8s-assets-scanner.serviceAccountName" . }}
           volumes:
           - name: config-volume
             configMap:
@@ -23,28 +24,26 @@ spec:
             - name: config-volume
               mountPath: "{{ .Values.scanner.config_mount_path }}"
               readOnly: true
+            command:
+              - /heureka-scanner-k8s-assets
             env:
-              - name: HEUREKA_API_TOKEN
-                valueFrom:
-                  secretKeyRef:
-                    name: {{ .Release.Name }}-secret
-                    key: api_token
-              - name: HEUREKA_URL
-                value: {{ .Values.scanner.heureka_url }}
-              - name: SUPPORT_GROUP_LABEL
-                value: {{ .Values.scanner.support_group_label }}
-              - name: SERVICE_CCRN_LABEL
-                value: {{ .Values.scanner.service_label }}
-              - name: SCANNER_TIMEOUT
-                value: {{ .Values.scanner.scanner_timeout }}
-              - name: HEUREKA_CLUSTER_NAME
-                value: {{ .Values.scanner.k8s_cluster_name }}
-              - name: HEUREKA_CLUSTER_REGION
-                value: {{ .Values.scanner.k8s_cluster_region }}
-              - name: KUBE_CONFIG_TYPE
-                value: "in-cluster"
-            args:
-            - /bin/sh
-            - -c
-            - date; echo Hello from the Kubernetes cluster
+            - name: HEUREKA_API_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Release.Name }}-secret
+                  key: api_token
+            - name: HEUREKA_URL
+              value: {{ .Values.scanner.heureka_url }}
+            - name: SUPPORT_GROUP_LABEL
+              value: {{ .Values.scanner.support_group_label }}
+            - name: SERVICE_CCRN_LABEL
+              value: {{ .Values.scanner.service_label }}
+            - name: SCANNER_TIMEOUT
+              value: {{ .Values.scanner.scanner_timeout }}
+            - name: HEUREKA_CLUSTER_NAME
+              value: {{ .Values.scanner.k8s_cluster_name }}
+            - name: HEUREKA_CLUSTER_REGION
+              value: {{ .Values.scanner.k8s_cluster_region }}
+            - name: KUBE_CONFIG_TYPE
+              value: "in-cluster"
           restartPolicy: OnFailure
\ No newline at end of file
diff --git a/scanner/k8s-assets/chart/k8s-assets-scanner/templates/rbac.yaml b/scanner/k8s-assets/chart/k8s-assets-scanner/templates/rbac.yaml
index 677eab4a..d6f4e593 100644
--- a/scanner/k8s-assets/chart/k8s-assets-scanner/templates/rbac.yaml
+++ b/scanner/k8s-assets/chart/k8s-assets-scanner/templates/rbac.yaml
@@ -1,8 +1,8 @@
 # SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
 # SPDX-License-Identifier: Apache-2.0
 
-# templates/rbac.yaml
 {{- if .Values.serviceAccount.create -}}
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
diff --git a/scanner/k8s-assets/chart/k8s-assets-scanner/templates/serviceaccount.yaml b/scanner/k8s-assets/chart/k8s-assets-scanner/templates/serviceaccount.yaml
index c9a9d7dc..49590773 100644
--- a/scanner/k8s-assets/chart/k8s-assets-scanner/templates/serviceaccount.yaml
+++ b/scanner/k8s-assets/chart/k8s-assets-scanner/templates/serviceaccount.yaml
@@ -2,6 +2,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 {{- if .Values.serviceAccount.create -}}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
diff --git a/scanner/k8s-assets/chart/k8s-assets-scanner/values.yaml b/scanner/k8s-assets/chart/k8s-assets-scanner/values.yaml
index 798aecd8..72c4fcad 100644
--- a/scanner/k8s-assets/chart/k8s-assets-scanner/values.yaml
+++ b/scanner/k8s-assets/chart/k8s-assets-scanner/values.yaml
@@ -6,8 +6,8 @@
 # Declare variables to be passed into your templates.
 
 scanner:
-  api_token: "my_token"
-  heureka_url: "api.heureka.greenhouse-qa.eu-nl-1.cloud.sap"
+  api_token: ""
+  heureka_url: ""
   config_mount_path: "/etc/heureka/config/k8s-assets-scanner"
   schedule: "0 * * * *"
   support_group_label: "ccloud/support-group"
@@ -18,15 +18,15 @@ image:
   repository: ghcr.io/cloudoperators/heureka-scanner-k8s-assets
   pullPolicy: Always
   # Overrides the image tag whose default is the chart appVersion.
-  tag: "main"
+  tag: "latest"
 
 serviceAccount:
   # Specifies whether a service account should be created
-  create: false
+  create: true
   # Automatically mount a ServiceAccount's API credentials?
   automount: true
   # Annotations to add to the service account
   annotations: {}
   # The name of the service account to use.
   # If not set and create is true, a name is generated using the fullname template
-  name: ""
+  name: "heureka-k8s-assets-scanner-sa"