diff --git a/infrastructure/kubernetes/base/service-accounts.yaml b/infrastructure/kubernetes/base/service-accounts.yaml
new file mode 100644
index 0000000..c1d85cc
--- /dev/null
+++ b/infrastructure/kubernetes/base/service-accounts.yaml
@@ -0,0 +1,69 @@
+# Human Tasks:
+# 1. Configure registry-credentials secret in backend and web namespaces
+# 2. Review and configure RBAC roles and bindings for each service account
+# 3. Verify container registry access and authentication
+# 4. Set up monitoring service permissions and access controls
+# 5. Configure audit logging for service account token usage
+
+# Kubernetes version: v1.24+
+
+---
+# Backend service account definition
+# Addresses requirements:
+# - Security Controls (6.3): Implements service account-based access control
+# - Infrastructure Security (2.5.2): Provides secure service-to-service communication
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: backend-service
+  namespace: mint-replica-backend
+  labels:
+    app: mint-replica-lite
+    component: backend
+    environment: ${ENV}
+  annotations:
+    kubernetes.io/description: "Service account for backend services with container registry access"
+    kubernetes.io/enforce-mountable-secrets: "true"
+imagePullSecrets:
+  - name: registry-credentials
+automountServiceAccountToken: true
+
+---
+# Web service account definition
+# Addresses requirements:
+# - Authorization Matrix (6.1): Defines service identities with varying permission levels
+# - Infrastructure Security (2.5.2): Enables automated token mounting
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: web-service
+  namespace: mint-replica-web
+  labels:
+    app: mint-replica-lite
+    component: web
+    environment: ${ENV}
+  annotations:
+    kubernetes.io/description: "Service account for web applications with container registry access"
+    kubernetes.io/enforce-mountable-secrets: "true"
+imagePullSecrets:
+  - name: registry-credentials
+automountServiceAccountToken: true
+
+---
+# Monitoring service account definition
+# Addresses requirements:
+# - Security Controls (6.3): Implements restricted privileges for monitoring
+# - Authorization Matrix (6.1): Ensures proper isolation and access control
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: monitoring-service
+  namespace: mint-replica-monitoring
+  labels:
+    app: mint-replica-lite
+    component: monitoring
+    environment: ${ENV}
+  annotations:
+    kubernetes.io/description: "Service account for monitoring services with restricted privileges"
+    kubernetes.io/enforce-mountable-secrets: "true"
+automountServiceAccountToken: true
\ No newline at end of file