diff --git a/roles/k8s_master/files/custom/teckids-apiserver.yaml b/roles/k8s_master/files/custom/teckids-apiserver.yaml
deleted file mode 100644
index 7b00d42185a95d81b14aab39f98c0cbd067f704a..0000000000000000000000000000000000000000
--- a/roles/k8s_master/files/custom/teckids-apiserver.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: kubeadm.k8s.io/v1beta3
-kind: ClusterConfiguration
-kubernetesVersion: v1.23.5
-apiServer:
-  extraArgs:
-    oidc-issuer-url: "https://ticdesk.teckids.org/oauth"
-    oidc-client-id: "RcO3weOpSnlenZcBaBbXKFoNpElQzxjU0O20T273"
-    oidc-username-claim: "preferred_username"
-    audit-log-path: "/var/log/audit.log"
-    audit-policy-file: "/etc/kubernetes/manifests/custom/teckids-logging.yaml"
diff --git a/roles/k8s_master/templates/teckids-apiserver.yaml.j2 b/roles/k8s_master/templates/teckids-apiserver.yaml.j2
index ee511a1311a57366a2d2ab5fb89bb1a1585a50ac..224bae7ef8f5c914ca417f58674c88985801edd5 100644
--- a/roles/k8s_master/templates/teckids-apiserver.yaml.j2
+++ b/roles/k8s_master/templates/teckids-apiserver.yaml.j2
@@ -6,3 +6,5 @@ apiServer:
     oidc-issuer-url: "https://ticdesk.teckids.org/oauth"
     oidc-client-id: "{{ kubernetes_oidc_id }}"
     oidc-username-claim: "preferred_username"
+    audit-log-path: "/var/log/audit.log"
+    audit-policy-file: "/etc/kubernetes/manifests/custom/teckids-logging.yaml"