diff --git a/Dockerfile.controller b/Dockerfile.controller
index b4d55243..abd72b34 100644
--- a/Dockerfile.controller
+++ b/Dockerfile.controller
@@ -25,6 +25,8 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager
 FROM gcr.io/distroless/static:nonroot
 WORKDIR /
 COPY --from=builder /workspace/manager .
-USER nonroot:nonroot
+
+# as defined by distroless for nonroot
+USER 65532:65532
 
 ENTRYPOINT ["/manager"]
diff --git a/Dockerfile.starter b/Dockerfile.starter
index 169056b4..d320b507 100644
--- a/Dockerfile.starter
+++ b/Dockerfile.starter
@@ -1,3 +1,5 @@
 FROM radial/busyboxplus:curl
 
+# as defined by distroless for nonroot
+USER 65532:65532
 COPY --from=redboxoss/scuttle:latest /scuttle /bin/scuttle