diff --git a/openvswitch/templates/daemonset-ovs-db.yaml b/openvswitch/templates/daemonset-ovs-db.yaml
index 3bb36b3e6..7a075c225 100644
--- a/openvswitch/templates/daemonset-ovs-db.yaml
+++ b/openvswitch/templates/daemonset-ovs-db.yaml
@@ -43,6 +43,7 @@ spec:
     spec:
       shareProcessNamespace: true
       serviceAccountName: {{ $serviceAccountName }}
+{{ dict "envAll" $envAll "application" "openvswitch_db_server" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       nodeSelector:
         {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
       dnsPolicy: ClusterFirstWithHostNet
@@ -51,15 +52,12 @@ spec:
 {{ tuple $envAll "db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
         - name: openvswitch-db-perms
 {{ tuple $envAll "openvswitch_db_server" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ dict "envAll" $envAll "application" "openvswitch_db_server" "container" "perms" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.ovs.db | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          securityContext:
-            runAsUser: 0
-            allowPrivilegeEscalation: false
-            readOnlyRootFilesystem: true
           command:
             - chown
             - -R
-            - "42424:42424"
+            - {{ $envAll.Values.pod.security_context.openvswitch_db_server.container.server.runAsUser | quote }}
             - /run/openvswitch
           volumeMounts:
             - name: pod-tmp
@@ -69,11 +67,8 @@ spec:
       containers:
         - name: openvswitch-db
 {{ tuple $envAll "openvswitch_db_server" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ dict "envAll" $envAll "application" "openvswitch_db_server" "container" "server" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.ovs.db | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          securityContext:
-            runAsUser: 42424
-            allowPrivilegeEscalation: false
-            readOnlyRootFilesystem: true
           readinessProbe:
             exec:
               command:
diff --git a/openvswitch/templates/daemonset-ovs-vswitchd.yaml b/openvswitch/templates/daemonset-ovs-vswitchd.yaml
index 3974a8625..6a6ab72b0 100644
--- a/openvswitch/templates/daemonset-ovs-vswitchd.yaml
+++ b/openvswitch/templates/daemonset-ovs-vswitchd.yaml
@@ -43,6 +43,7 @@ spec:
     spec:
       shareProcessNamespace: true
       serviceAccountName: {{ $serviceAccountName }}
+{{ dict "envAll" $envAll "application" "openvswitch_vswitchd" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       nodeSelector:
         {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
       dnsPolicy: ClusterFirstWithHostNet
@@ -51,11 +52,7 @@ spec:
 {{ tuple $envAll "vswitchd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
         - name: openvswitch-vswitchd-modules
 {{ tuple $envAll "openvswitch_vswitchd" | include "helm-toolkit.snippets.image" | indent 10 }}
-          securityContext:
-            capabilities:
-              add:
-                - SYS_MODULE
-            runAsUser: 0
+{{ dict "envAll" $envAll "application" "openvswitch_vswitchd" "container" "modules" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
           command:
             - /tmp/openvswitch-vswitchd-init-modules.sh
           volumeMounts:
@@ -71,12 +68,8 @@ spec:
       containers:
         - name: openvswitch-vswitchd
 {{ tuple $envAll "openvswitch_vswitchd" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ dict "envAll" $envAll "application" "openvswitch_vswitchd" "container" "vswitchd" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.ovs.vswitchd | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          securityContext:
-            runAsUser: 0
-            capabilities:
-              add:
-                - NET_ADMIN
           # ensures this container can speak to the ovs database
           # successfully before its marked as ready
           readinessProbe:
diff --git a/openvswitch/values.yaml b/openvswitch/values.yaml
index 3804ed6a5..4b5a00dd2 100644
--- a/openvswitch/values.yaml
+++ b/openvswitch/values.yaml
@@ -38,6 +38,33 @@ labels:
     node_selector_value: enabled
 
 pod:
+  security_context:
+    openvswitch_db_server:
+      pod:
+        runAsUser: 42424
+      container:
+        perms:
+          runAsUser: 0
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+        server:
+          runAsUser: 42424
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+    openvswitch_vswitchd:
+      pod:
+        runAsUser: 0
+      container:
+        modules:
+          runAsUser: 0
+          capabilities:
+            add:
+              - SYS_MODULE
+        vswitchd:
+          runAsUser: 0
+          capabilities:
+            add:
+              - NET_ADMIN
   lifecycle:
     upgrades:
       daemonsets: