diff --git a/mirrord-operator/Chart.yaml b/mirrord-operator/Chart.yaml
index 6779f05..0f4e3ce 100644
--- a/mirrord-operator/Chart.yaml
+++ b/mirrord-operator/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.1
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/mirrord-operator/templates/scc.yaml b/mirrord-operator/templates/scc.yaml
new file mode 100644
index 0000000..5516938
--- /dev/null
+++ b/mirrord-operator/templates/scc.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.openshift }}
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+ name: scc-mirrord
+allowHostPID: true
+allowPrivilegedContainer: false
+allowHostDirVolumePlugin: true
+allowedCapabilities: ["SYS_ADMIN", "SYS_PTRACE", "NET_RAW", "NET_ADMIN"]
+runAsUser:
+ type: MustRunAsNonRoot
+seLinuxContext:
+ type: MustRunAs
+users:
+- system:serviceaccount:mirrord:mirrord-operator
+- system:serviceaccount:mirrord:default
+{{ end }}
diff --git a/mirrord-operator/values.yaml b/mirrord-operator/values.yaml
index b5d8e6f..d14e7b2 100644
--- a/mirrord-operator/values.yaml
+++ b/mirrord-operator/values.yaml
@@ -43,3 +43,6 @@ tls:
 data:
 tls.key: ""
 tls.crt: ""
+
+# if you run on OpenShift, set this value to true to get a SCC in the yaml.
+openshift: false
\ No newline at end of file
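Review bot: The `users` list at the end of scc.yaml hard-codes the `mirrord` namespace, so a release installed into any other namespace creates a cluster-wide SCC whose grant lands on whatever runs in a namespace named `mirrord` rather than on this install. Deriving the subjects from the release, e.g. `- system:serviceaccount:{{ .Release.Namespace }}:mirrord-operator` and `- system:serviceaccount:{{ .Release.Namespace }}:default`, keeps the grant tied to the chart's own namespace. Binding the namespace's `default` service account also means every pod there that does not name a service account may request hostPID, hostPath volumes and SYS_ADMIN/SYS_PTRACE, which is close to privileged even with `allowPrivilegedContainer: false`. If the agent pods really need that, a dedicated service account plus a comment such as `# grants near-privileged host access; keep this namespace restricted to mirrord workloads` would make the exposure explicit.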
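Review bot: The comment added above `openshift` in values.yaml does not tell an operator what enabling the flag grants. I would spell it out, e.g. `# Set to true on OpenShift to create the scc-mirrord SecurityContextConstraints (hostPID, hostPath volumes, SYS_ADMIN/SYS_PTRACE/NET_RAW/NET_ADMIN) for the operator and default service accounts.`, so the decision is made with the scope in view. The file should also end with a newline.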