diff --git a/Dockerfile b/Dockerfile
index 0f5006fba4..5086d65ae7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -73,6 +73,8 @@ EXPOSE 8200
 COPY .release/docker/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT ["docker-entrypoint.sh"]
 
+# Use the Vault user as the default user for starting this container.
+USER ${NAME}
 
 # # By default you'll get a single-node development server that stores everything
 # # in RAM and bootstraps itself. Don't use this configuration for production.
@@ -166,7 +168,7 @@ COPY .release/docker/ubi-docker-entrypoint.sh /usr/local/bin/docker-entrypoint.s
 ENTRYPOINT ["docker-entrypoint.sh"]
 
 # Use the Vault user as the default user for starting this container.
-USER vault
+USER ${NAME}
 
 # # By default you'll get a single-node development server that stores everything
 # # in RAM and bootstraps itself. Don't use this configuration for production.
diff --git a/changelog/_12920.txt b/changelog/_12920.txt
new file mode 100644
index 0000000000..2b4bfa8566
--- /dev/null
+++ b/changelog/_12920.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+dockerfile: container will now run as vault user by default
+```
diff --git a/scripts/docker/Dockerfile b/scripts/docker/Dockerfile
index 62ad403f25..a2ff6fd848 100644
--- a/scripts/docker/Dockerfile
+++ b/scripts/docker/Dockerfile
@@ -61,6 +61,9 @@ EXPOSE 8200
 COPY ./scripts/docker/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT ["docker-entrypoint.sh"]
 
+# Use the Vault user as the default user for starting this container.
+USER vault
+
 # By default you'll get a single-node development server that stores everything
 # in RAM and bootstraps itself. Don't use this configuration for production.
 CMD ["server", "-dev"]