diff --git a/roles/kubernetes-apps/csi_driver/vsphere/tasks/main.yml b/roles/kubernetes-apps/csi_driver/vsphere/tasks/main.yml
index 8047d468dfc9e42be759b92448ed5155f8689f84..4e341b2aff05cb89265bafa2eca924c585331c26 100644
--- a/roles/kubernetes-apps/csi_driver/vsphere/tasks/main.yml
+++ b/roles/kubernetes-apps/csi_driver/vsphere/tasks/main.yml
@@ -24,9 +24,19 @@
   when: inventory_hostname == groups['kube-master'][0]
   tags: vsphere-csi-driver
 
-- name: vSphere CSI Driver | Create a CSI secret
-  command: "{{ bin_dir }}/kubectl create secret generic vsphere-config-secret --from-file=csi-vsphere.conf={{ kube_config_dir }}/vsphere-csi-cloud-config -n kube-system"
+- name: vSphere CSI Driver | Generate a CSI secret manifest
+  command: "{{ bin_dir }}/kubectl create secret generic vsphere-config-secret --from-file=csi-vsphere.conf={{ kube_config_dir }}/vsphere-csi-cloud-config -n kube-system --dry-run --save-config -o yaml"
+  register: vsphere_csi_secret_manifest
   when: inventory_hostname == groups['kube-master'][0]
+  no_log: true
+  tags: vsphere-csi-driver
+
+- name: vSphere CSI Driver | Apply a CSI secret manifest
+  command:
+    cmd: "{{ bin_dir }}/kubectl apply -f -"
+    stdin: "{{ vsphere_csi_secret_manifest.stdout }}"
+  when: inventory_hostname == groups['kube-master'][0]
+  no_log: true
   tags: vsphere-csi-driver
 
 - name: vSphere CSI Driver | Apply Manifests
diff --git a/roles/kubernetes-apps/external_cloud_controller/vsphere/tasks/main.yml b/roles/kubernetes-apps/external_cloud_controller/vsphere/tasks/main.yml
index 6b49cfdf8c8ce02c4531e9896f053159d6584573..0dbf3f7dca4652ca217ab1d943159b9ded6229aa 100644
--- a/roles/kubernetes-apps/external_cloud_controller/vsphere/tasks/main.yml
+++ b/roles/kubernetes-apps/external_cloud_controller/vsphere/tasks/main.yml
@@ -25,8 +25,16 @@
   when: inventory_hostname == groups['kube-master'][0]
   tags: external-vsphere
 
-- name: External vSphere Cloud Provider Interface | Create a CPI configMap
-  command: "{{ bin_dir }}/kubectl create configmap cloud-config --from-file=vsphere.conf={{ kube_config_dir }}/external-vsphere-cpi-cloud-config -n kube-system"
+- name: External vSphere Cloud Provider Interface | Create a CPI configMap manifest
+  command: "{{ bin_dir }}/kubectl create configmap cloud-config --from-file=vsphere.conf={{ kube_config_dir }}/external-vsphere-cpi-cloud-config -n kube-system --dry-run --save-config -o yaml"
+  register: external_vsphere_configmap_manifest
+  when: inventory_hostname == groups['kube-master'][0]
+  tags: external-vsphere
+
+- name: External vSphere Cloud Provider Interface | Apply a CPI configMap manifest
+  command:
+    cmd: "{{ bin_dir }}/kubectl apply -f -"
+    stdin: "{{ external_vsphere_configmap_manifest.stdout }}"
   when: inventory_hostname == groups['kube-master'][0]
   tags: external-vsphere