diff --git a/charts/core/templates/manager-deployment.yaml b/charts/core/templates/manager-deployment.yaml
index 34b70cb7..0a6cac70 100644
--- a/charts/core/templates/manager-deployment.yaml
+++ b/charts/core/templates/manager-deployment.yaml
@@ -96,7 +96,7 @@ spec:
             - name: MANAGER_SERVER_PORT
               value: "{{ .Values.manager.svc.mgrServerPort}}"
             - name: CTRL_SERVER_IP
-              value: neuvector-svc-controller.{{ .Release.Namespace }}
+              value: neuvector-svc-controller-api.{{ .Release.Namespace }}
             {{- if not .Values.manager.env.ssl }}
             - name: MANAGER_SSL
               value: "off"
diff --git a/charts/core/templates/role.yaml b/charts/core/templates/role.yaml
index 661dfa8c..9f7dedc6 100644
--- a/charts/core/templates/role.yaml
+++ b/charts/core/templates/role.yaml
@@ -50,6 +50,7 @@ rules:
   - create
   - get
   - update
+{{- end }}
 ---
 {{- if $oc3 }}
 apiVersion: authorization.openshift.io/v1
@@ -153,4 +154,3 @@ rules:
   - create
   - update
   - patch
-{{- end }}
diff --git a/charts/core/templates/rolebinding-least.yaml b/charts/core/templates/rolebinding-least.yaml
index b9bc8b06..ffaeeb25 100644
--- a/charts/core/templates/rolebinding-least.yaml
+++ b/charts/core/templates/rolebinding-least.yaml
@@ -223,6 +223,9 @@ subjects:
 
 ---
 
+kind: SecurityContextConstraints
+metadata:
+  name: neuvector-scc-controller
 allowHostDirVolumePlugin: false
 allowHostIPC: false
 allowHostNetwork: false
@@ -236,9 +239,6 @@ defaultAddCapabilities: null
 fsGroup:
   type: RunAsAny
 groups: []
-kind: SecurityContextConstraints
-metadata:
-  name: neuvector-scc-controller
 priority: null
 readOnlyRootFilesystem: false
 requiredDropCapabilities:
@@ -251,11 +251,11 @@ supplementalGroups:
   type: RunAsAny
 users: []
 volumes:
+- azureFile
 - configMap
 - downwardAPI
 - emptyDir
 - persistentVolumeClaim
-- azureFile
 - projected
 - secret