diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl
index e9ed46d7..b4701d43 100644
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@@ -285,3 +285,20 @@ Helper template to set argocd server url in event reporter
   {{- end }}
   {{- printf "%s:%v" (include "argo-cd.server.fullname" .) $port }}
 {{- end -}}
+
+{{/*
+  Create acr controller name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.acr-controller.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.acrController.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{/*
+  Create the name of the acr controller service account to use
+  */}}
+{{- define "argo-cd.acrControllerServiceAccountName" -}}
+{{- if .Values.acrController.serviceAccount.create -}}
+{{ default (include "argo-cd.event-reporter.fullname" .) .Values.acrController.serviceAccount.name }}
+{{- else -}}
+{{ default "default" .Values.acrController.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/argo-cd/templates/acr-controller/clusterrole.yaml b/charts/argo-cd/templates/acr-controller/clusterrole.yaml
index 1e4a2562..8ce53da8 100644
--- a/charts/argo-cd/templates/acr-controller/clusterrole.yaml
+++ b/charts/argo-cd/templates/acr-controller/clusterrole.yaml
@@ -12,15 +12,15 @@ rules:
     {{- toYaml .Values.acrController.clusterRoleRules.rules | nindent 2 }}
   {{- else }}
   - apiGroups:
-    - '*'
+      - argoproj.io
     resources:
-    - '*'
+      - applications
     verbs:
-    - '*'
-  - nonResourceURLs:
-    - '*'
-    verbs:
-    - '*'
-  {{- end }}
+      - get
+      - list
+      - watch
+      - patch
+      - update
+{{- end }}
 {{- end }}
 {{- end }}
diff --git a/charts/argo-cd/templates/acr-controller/role.yaml b/charts/argo-cd/templates/acr-controller/role.yaml
index 5e6a9bde..2259a1fb 100644
--- a/charts/argo-cd/templates/acr-controller/role.yaml
+++ b/charts/argo-cd/templates/acr-controller/role.yaml
@@ -7,38 +7,14 @@ metadata:
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.acrController.name "name" .Values.acrController.name) | nindent 4 }}
 rules:
-- apiGroups:
-    - ""
-  resources:
-    - secrets
-    - configmaps
-  verbs:
-    - create
-    - get
-    - list
-    - watch
-    - update
-    - patch
-    - delete
-- apiGroups:
-    - argoproj.io
-  resources:
-    - applications
-    - appprojects
-    - applicationsets
-  verbs:
-    - create
-    - get
-    - list
-    - watch
-    - update
-    - delete
-    - patch
-- apiGroups:
-    - ""
-  resources:
-    - events
-  verbs:
-    - create
-    - list
+  - apiGroups:
+      - argoproj.io
+    resources:
+      - applications
+    verbs:
+      - get
+      - list
+      - watch
+      - patch
+      - update
 {{- end }}