diff --git a/inventory/sample/group_vars/all/oci.yml b/inventory/sample/group_vars/all/oci.yml
index fd83080dd80293b194bfebb1899089077c45a7d2..d4f1a64aaedde7e796b4f07934dd52b862ec4c54 100644
--- a/inventory/sample/group_vars/all/oci.yml
+++ b/inventory/sample/group_vars/all/oci.yml
@@ -8,8 +8,18 @@
 #oci_vnc_id:
 #oci_subnet1_id:
 #oci_subnet2_id:
-## Overide these default behaviors if you wish
+## Overide these default/optional behaviors if you wish
 #oci_security_list_management: All
+# If you would like the controller to manage specific lists per subnet. This is a mapping of subnet ocids to security list ocids. Below are examples. 
+#oci_security_lists:
+  #ocid1.subnet.oc1.phx.aaaaaaaasa53hlkzk6nzksqfccegk2qnkxmphkblst3riclzs4rhwg7rg57q: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q
+  #ocid1.subnet.oc1.phx.aaaaaaaahuxrgvs65iwdz7ekwgg3l5gyah7ww5klkwjcso74u3e4i64hvtvq: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q
 # If oci_use_instance_principals is true, you do not need to set the region, tenancy, user, key, passphrase, or fingerprint
 #oci_use_instance_principals: false
-#oci_cloud_controller_version: 0.5.0
+#oci_cloud_controller_version: 0.6.0
+# If you would like to control OCI query rate limits for the controller 
+#oci_rate_limit:
+  #rate_limit_qps_read:
+  #rate_limit_qps_write:
+  #rate_limit_bucket_read:
+  #rate_limit_bucket_write:
diff --git a/roles/kubernetes-apps/cloud_controller/oci/defaults/main.yml b/roles/kubernetes-apps/cloud_controller/oci/defaults/main.yml
index ccfb700771250ccf547a9a81cbc06b20257e8fc8..f128f741cf44e3cc3ab87bdf90776247ea05df30 100644
--- a/roles/kubernetes-apps/cloud_controller/oci/defaults/main.yml
+++ b/roles/kubernetes-apps/cloud_controller/oci/defaults/main.yml
@@ -2,4 +2,4 @@
 
 oci_security_list_management: All
 oci_use_instance_principals: false
-oci_cloud_controller_version: 0.5.0
+oci_cloud_controller_version: 0.6.0
diff --git a/roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml b/roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml
index 37e5962d3dc0c192be8e010748078ca342fbd6b6..4907218cdb06a0c14d1481cd40fae050289661c4 100644
--- a/roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml
+++ b/roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml
@@ -28,6 +28,7 @@
   kube:
     kubectl: "{{ bin_dir }}/kubectl"
     filename: "/tmp/cloud-provider.yml"
+    state: latest
   when: inventory_hostname == groups['kube-master'][0]
   tags: oci
 
@@ -47,5 +48,6 @@
   kube:
     kubectl: "{{ bin_dir }}/kubectl"
     filename: "/tmp/oci-cloud-controller-manager.yml"
+    state: latest
   when: inventory_hostname == groups['kube-master'][0]
   tags: oci
diff --git a/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2 b/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
index 38c7ba86ce2d5fbb887df009a36029dc4cc848bb..9726d3c5e34247e9982d02a3afdc02ca194e94c3 100644
--- a/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
+++ b/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
@@ -54,3 +54,28 @@ loadBalancer:
   #                    inbound traffic to load balancers.
   securityListManagementMode: {{ oci_security_list_management }}
 
+{% if oci_security_lists is defined and oci_security_lists|length > 0 %}
+  # Optional specification of which security lists to modify per subnet. This does not apply if security list management is off.
+  securityLists:
+{% for subnet_ocid, list_ocid in oci_security_lists.iteritems() %}
+    {{ subnet_ocid }}: {{ list_ocid }}
+{% endfor %}
+{% endif %}
+
+{% if oci_rate_limit is defined and oci_rate_limit|length > 0 %}
+# Optional rate limit controls for accessing OCI API
+rateLimiter:
+{% if oci_rate_limit.rate_limit_qps_read %}
+  rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }} 
+{% endif %}
+{% if oci_rate_limit.rate_limit_qps_write %}
+  rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }} 
+{% endif %}
+{% if oci_rate_limit.rate_limit_bucket_read %}
+  rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }} 
+{% endif %}
+{% if oci_rate_limit.rate_limit_bucket_write %}
+  rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }} 
+{% endif %}
+{% endif %}
+