We have been able to deploy "pm-tagger" in our cluster using Helm, we solved the permission issue creating a new Service Account and referencing it on our custom-values.yaml. 

However we are unable to connect to this pod using Policy Manager.

We created our routes on Openshift manually  in passthrough mode, except the pm-tagger one  (we have to create it in Edge mode).

If we try to connect to the gateway (port 9443) via Policy Manager all work as expected, but if we do using the "pm-tagger" route a error is thrown

Release : 10.1

This works a bit different you do not connect to the pm-tagger pod but the management service created , basically the pm-tagger pod is scanning the ssg deployment for gateway pods ,

and then update the load balancer service for the  my-ssg-gateway-management service to point to one backed-end only instead of all active pods.