diff --git a/services/bl99p-ea-ioc-01/values.yaml b/services/bl99p-ea-ioc-01/values.yaml
index 8b2cbde..5139528 100644
--- a/services/bl99p-ea-ioc-01/values.yaml
+++ b/services/bl99p-ea-ioc-01/values.yaml
@@ -1,6 +1,6 @@
 # yaml-language-server: $schema=https://github.com/epics-containers/ec-helm-charts/releases/download/3.4.4/ioc-instance.schema.json#/$defs/service
 ioc-instance:
-  image: ghcr.io/epics-containers/ioc-adandor3-runtime:2024.10.2b4
+  image: ghcr.io/epics-containers/ioc-adandor3-developer:2024.10.2b3
 
   # mount a pvc with the andor3 sdk libraries
   pvClaims:
@@ -10,18 +10,20 @@ ioc-instance:
       subPath: .
 
   dataVolume:
-    pvc: false
+    pvc: true
     hostPath: /dls/p99/data
 
   resources:
     limits:
       cpu: 2
       memory: 512Mi
-      diamond.ac.uk/andor3pci: 1
+      #diamond.ac.uk/andor3pci: 1
+      diamond.ac.uk/video0: 1
     requests:
       cpu: 500m
       memory: 128Mi
-      diamond.ac.uk/andor3pci: 1
+      #diamond.ac.uk/andor3pci: 1
+      diamond.ac.uk/video0: 1
 
   # these are required to point the andor sdk to the correct location
   # must be set in shell environ - not epicsEnvSet
@@ -31,6 +33,13 @@ ioc-instance:
     - name: BITFLOW_INSTALL_DIRS
       value: /data/prefix/bf
 
+  securityContext:
+    runAsUser: 0
+    runAsGroup: 0
+
+  startCommand: sleep
+  startArgs: infinity
+
   # NOTE: the following are suggestions to help with debugging IOCs
   # 1. replace the runtime container with the developer version
   #    this adds tools and compilers to the container so you
diff --git a/services/cagateway/templates/deployment.yaml b/services/cagateway/templates/deployment.yaml
index 54f4bb4..5f6b285 100644
--- a/services/cagateway/templates/deployment.yaml
+++ b/services/cagateway/templates/deployment.yaml
@@ -15,6 +15,7 @@ spec:
       labels:
         app: {{ .Release.Name }}
     spec:
+      serviceAccountName: default-full-access-mounted
       containers:
         - command:
            - bash
diff --git a/services/values.yaml b/services/values.yaml
index 1e535de..3b2f651 100644
--- a/services/values.yaml
+++ b/services/values.yaml
@@ -8,8 +8,8 @@ global:
 ioc-instance:
   # useHostNetwork - use host network for IOC - required for Channel Access
   # to work outside of the cluster
-  hostNetwork: true
+  hostNetwork: false
 
-  securityContext:
-    runAsUser: 37993
-    runAsGroup: 37993
+  # securityContext:
+  #   runAsUser: 37993
+  #   runAsGroup: 37993