diff --git a/templates/dash/dash-common.yaml b/templates/dash/dash-common.yaml
index 775f4233..4e1ba6b9 100644
--- a/templates/dash/dash-common.yaml
+++ b/templates/dash/dash-common.yaml
@@ -72,19 +72,3 @@ subjects:
     kind: ServiceAccount
     name: dash-system
     namespace: dash
----
-apiVersion: nats.io/v1alpha2
-kind: NatsServiceRole
-metadata:
-  name: dash-system
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: dash-system
-spec:
-  permissions:
-    publish:
-      - dash.optimize.>
-    subscribe:
-      - _inbox.>
-      - _INBOX.>
diff --git a/templates/dash/dash-natsservicerole.yaml b/templates/dash/dash-natsservicerole.yaml
new file mode 100644
index 00000000..f77d915a
--- /dev/null
+++ b/templates/dash/dash-natsservicerole.yaml
@@ -0,0 +1,113 @@
+---
+apiVersion: nats.io/v1alpha2
+kind: NatsServiceRole
+metadata:
+  name: nats-dash-collector
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-collector
+spec:
+  permissions:
+    publish:
+      - dash.collector
+      - dash.collector.>
+    subscribe:
+      - _inbox.*
+      - _INBOX.>
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: nats-dash-network
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-network
+---
+apiVersion: nats.io/v1alpha2
+kind: NatsServiceRole
+metadata:
+  name: nats-dash-network
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-network
+spec:
+  permissions:
+    publish:
+      - _inbox.*
+      - _INBOX.>
+      - dash.network.>
+    subscribe:
+      - _inbox.*
+      - _INBOX.>
+      - dash.collector
+      - dash.collector.>
+      - dash.network.>
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: nats-dash-network-agent
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-network-agent
+---
+apiVersion: nats.io/v1alpha2
+kind: NatsServiceRole
+metadata:
+  name: nats-dash-network-agent
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-network-agent
+spec:
+  permissions:
+    publish:
+      - _inbox.*
+      - _INBOX.>
+      - dash.network.manage
+    subscribe:
+      - _inbox.*
+      - _INBOX.>
+      - dash.network.alert
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: nats-dash-network-connect
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-network-connect
+---
+apiVersion: nats.io/v1alpha2
+kind: NatsServiceRole
+metadata:
+  name: nats-dash-network-connect
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: nats-dash-network-connect
+spec:
+  permissions:
+    publish:
+      - dash.network.connect
+---
+apiVersion: nats.io/v1alpha2
+kind: NatsServiceRole
+metadata:
+  name: dash-system
+  namespace: dash
+  labels:
+    nats_cluster: nats
+    nats_service_account: dash-system
+spec:
+  permissions:
+    publish:
+      - dash.optimize.>
+    subscribe:
+      - _inbox.>
+      - _INBOX.>
diff --git a/templates/dash/dash-operator.yaml b/templates/dash/dash-operator.yaml
index 104903a0..92023100 100644
--- a/templates/dash/dash-operator.yaml
+++ b/templates/dash/dash-operator.yaml
@@ -77,7 +77,7 @@ spec:
         - name: nats-token
           secret:
             secretName: dash-system-nats-bound-token
-            optional: false
+            optional: true
             items:
               - key: token
                 path: token
diff --git a/templates/dash/namespace.yaml b/templates/dash/namespace.yaml
index 0d9e19e2..076efe0a 100644
--- a/templates/dash/namespace.yaml
+++ b/templates/dash/namespace.yaml
@@ -15,100 +15,3 @@ metadata:
   labels:
     nats_cluster: nats
     nats_service_account: nats-dash-collector
----
-apiVersion: nats.io/v1alpha2
-kind: NatsServiceRole
-metadata:
-  name: nats-dash-collector
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-collector
-spec:
-  permissions:
-    publish:
-      - dash.collector
-      - dash.collector.>
-    subscribe:
-      - _inbox.*
-      - _INBOX.>
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: nats-dash-network
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-network
----
-apiVersion: nats.io/v1alpha2
-kind: NatsServiceRole
-metadata:
-  name: nats-dash-network
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-network
-spec:
-  permissions:
-    publish:
-      - _inbox.*
-      - _INBOX.>
-      - dash.network.>
-    subscribe:
-      - _inbox.*
-      - _INBOX.>
-      - dash.collector
-      - dash.collector.>
-      - dash.network.>
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: nats-dash-network-agent
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-network-agent
----
-apiVersion: nats.io/v1alpha2
-kind: NatsServiceRole
-metadata:
-  name: nats-dash-network-agent
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-network-agent
-spec:
-  permissions:
-    publish:
-      - _inbox.*
-      - _INBOX.>
-      - dash.network.manage
-    subscribe:
-      - _inbox.*
-      - _INBOX.>
-      - dash.network.alert
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: nats-dash-network-connect
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-network-connect
----
-apiVersion: nats.io/v1alpha2
-kind: NatsServiceRole
-metadata:
-  name: nats-dash-network-connect
-  namespace: dash
-  labels:
-    nats_cluster: nats
-    nats_service_account: nats-dash-network-connect
-spec:
-  permissions:
-    publish:
-      - dash.network.connect