diff --git a/roles/telegraf/defaults/main.yml b/roles/telegraf/defaults/main.yml
index 3c38323..e053036 100644
--- a/roles/telegraf/defaults/main.yml
+++ b/roles/telegraf/defaults/main.yml
@@ -27,8 +27,15 @@ telegraf_config_location: "{{ telegraf_install_location }}/conf"
 telegraf_version: "1.20.3"
 # renovate: depName=quay.io/sheogorath/docker-socket-proxy
 telegraf_dockersocketproxy_version: "2.3"
+# Changing this image may also require changing the UID / GID below,
+# to set the correct permissions
 telegraf_image_version: "{{ telegraf_version }}-alpine"
 
+# Telegraf config user & group id
+# This is used for the config folder that is mounted to the container
+telegraf_config_uid: 100
+telegraf_config_gid: 101
+
 # The influxdb endpoints, telegraf should send data to
 telegraf_influxdb_endpoints:
   - influxdb.example.com
diff --git a/roles/telegraf/tasks/main.yml b/roles/telegraf/tasks/main.yml
index 4262205..86dda24 100644
--- a/roles/telegraf/tasks/main.yml
+++ b/roles/telegraf/tasks/main.yml
@@ -41,8 +41,8 @@
   file:
     path: "{{ item }}"
     mode: '0700'
-    owner: 'root'
-    group: 'root'
+    owner: "{{ telegraf_config_uid }}"
+    group: "{{ telegraf_config_gid }}"
     state: directory
     setype: "container_file_t"
   with_items:
@@ -63,9 +63,9 @@
   template:
     src: "telegraf.conf"
     dest: "{{ telegraf_config_location }}/telegraf.conf"
-    mode: '0644'
-    owner: 'root'
-    group: 'root'
+    mode: '0600'
+    owner: "{{ telegraf_config_uid }}"
+    group: "{{ telegraf_config_gid }}"
   notify: "Restart telegraf"
   become: true