Kong Kubernetes - How to not use privileged permissions

Hi, I need some help with Kong and some security settings in Azure Defender.

The recommendations are:

“Kubernetes clusters should disable automounting API credentials”

“Immutable (read-only) root filesystem should be enforced for containers”

I understand that Kong needs both accesses to work, but is there any alternative to remedy these two vulnerabilities and stay compliant?