diff --git a/roles/kubernetes/client/tasks/main.yml b/roles/kubernetes/client/tasks/main.yml
index d34131a3a35643b155f1ca52c445be28b6aa2732..67b2da3258bb4a39a0768eefa9c87c1f08f5976d 100644
--- a/roles/kubernetes/client/tasks/main.yml
+++ b/roles/kubernetes/client/tasks/main.yml
@@ -40,7 +40,7 @@
     src: "{{ kube_config_dir }}/admin.conf"
     dest: "/root/.kube/config"
     remote_src: yes
-    mode: "0700"
+    mode: "0600"
     backup: yes
 
 - name: Copy admin kubeconfig to ansible host
diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml
index 3fcd04715e297c45e54c93bc67b13e4d62147cdc..b841d83572b5b6e524b9ae3dea42c2e5b5d0473d 100644
--- a/roles/kubernetes/master/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml
@@ -128,7 +128,7 @@
     content: "{{ item.content | b64decode }}"
     owner: root
     group: root
-    mode: 0700
+    mode: 0600
   no_log: true
   register: copy_kubeadm_certs
   with_items: "{{ kubeadm_certs.results }}"