diff --git a/terraform/control-plane1.bu b/terraform/control-plane1.bu
index 284af3c..d352c28 100644
--- a/terraform/control-plane1.bu
+++ b/terraform/control-plane1.bu
@@ -187,14 +187,37 @@ storage:
             extraArgs:
               flex-volume-plugin-dir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/"
               bind-address: '::'
+          apiServer:
+            extraArgs:
+              enable-aggregator-routing: "true"
+              proxy-client-cert-file: /etc/kubernetes/pki/front-proxy-client.crt
+              proxy-client-key-file:  /etc/kubernetes/pki/front-proxy-client.key
+              requestheader-client-ca-file: /etc/kubernetes/pki/front-proxy-ca.crt
+              requestheader-allowed-names: front-proxy-client
+              requestheader-extra-headers-prefix: X-Remote-Extra-
+              requestheader-group-headers:       X-Remote-Group
+              requestheader-username-headers:    X-Remote-User
+
           ---
           apiVersion: kubelet.config.k8s.io/v1beta1
           kind: KubeletConfiguration
           address: "::"
           healthzBindAddress: "::"
           clusterDomain: "k8s.undercloud.local"
+          clusterDNS:
+            - "2001:470:7116:f:1::53"
+            - "10.0.91.53"
           volumePluginDir: /opt/libexec/kubernetes/kubelet-plugins/volume/exec
           cgroupDriver: "systemd"
+          apiVersion: kubelet.config.k8s.io/v1beta1
+          authentication:
+            anonymous:
+              enabled: true
+            webhook:
+              enabled: true
+          authorization:
+            mode: Webhook
+
     - path: /etc/kubernetes/addons/kube-dns-fixed-svc.yaml
       mode: 0644
       contents:
diff --git a/terraform/control-plane2.bu b/terraform/control-plane2.bu
index 4d35f67..895f25b 100644
--- a/terraform/control-plane2.bu
+++ b/terraform/control-plane2.bu
@@ -174,6 +174,13 @@ storage:
             - "10.0.91.53"
           cgroupDriver: "systemd" 
           volumePluginDir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/"
+          authentication:
+            anonymous:
+              enabled: true
+            webhook:
+              enabled: true
+          authorization:
+            mode: Webhook
 
 systemd:
   units:
diff --git a/terraform/control-plane3.bu b/terraform/control-plane3.bu
index ead3f8f..7ea101c 100644
--- a/terraform/control-plane3.bu
+++ b/terraform/control-plane3.bu
@@ -174,6 +174,13 @@ storage:
             - "10.0.91.53"
           cgroupDriver: "systemd" 
           volumePluginDir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/"
+          authentication:
+            anonymous:
+              enabled: true
+            webhook:
+              enabled: true
+          authorization:
+            mode: Webhook
 
 systemd:
   units: