diff --git a/roles/kubernetes-apps/registry/templates/registry-proxy-psp.yml.j2 b/roles/kubernetes-apps/registry/templates/registry-proxy-psp.yml.j2
index e73711a95783bb447ef2c03324780222247bf212..c7375336a171a16299323b7c3d8ed7def37e4880 100644
--- a/roles/kubernetes-apps/registry/templates/registry-proxy-psp.yml.j2
+++ b/roles/kubernetes-apps/registry/templates/registry-proxy-psp.yml.j2
@@ -17,7 +17,16 @@ spec:
   privileged: false
   allowPrivilegeEscalation: false
   requiredDropCapabilities:
-    - ALL
+    - SETPCAP
+    - MKNOD
+    - AUDIT_WRITE
+    - NET_RAW
+    - DAC_OVERRIDE
+    - FOWNER
+    - FSETID
+    - KILL
+    - SYS_CHROOT
+    - SETFCAP
   volumes:
     - 'configMap'
     - 'emptyDir'