diff --git a/definitions/install.yaml b/definitions/install.yaml
index 6a1caea2d6..28cbbc797b 100644
--- a/definitions/install.yaml
+++ b/definitions/install.yaml
@@ -159,12 +159,12 @@ spec:
     targetPort: 443
   selector:
     app: kube-policy
-#---
-#apiVersion: v1
-#kind: ServiceAccount
-#metadata:
-#  name: kube-policy-service-account
-#  namespace: kube-system
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: kube-policy-service-account
+  namespace: kube-system
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
@@ -176,41 +176,29 @@ roleRef:
   name: cluster-admin
 subjects:
 - kind: ServiceAccount
-  name: default
+  name: kube-policy-service-account
   namespace: kube-system
 ---
 apiVersion: extensions/v1beta1
-kind: DaemonSet
+kind: Deployment
 metadata:
+  namespace: kube-system
+  name: kube-policy-deployment
   labels:
     app: kube-policy
-    tier: node
-  name: kube-policy-daemon
-  namespace: kube-system
 spec:
+  replicas: 1
   template:
     metadata:
       labels:
         app: kube-policy
-        tier: node
     spec:
-      #serviceAccountName: kube-policy-service-account
-      #serviceAccount: kube-policy-service-account
+      serviceAccountName: kube-policy-service-account
       containers:
-      - name: kube-policy
-        image: nirmata/kube-policy:latest
-        imagePullPolicy: IfNotPresent
-        ports:
-        - containerPort: 443
-        securityContext:
-          privileged: true
-      hostNetwork: true
-      tolerations:
-      - key: CriticalAddonsOnly
-        operator: Exists
-      - effect: NoSchedule
-        key: node-role.kubernetes.io/master
-        operator: Exists
-      - effect: NoSchedule
-        key: node.kubernetes.io/not-ready
-        operator: Exists
+        - name: kube-policy
+          image: nirmata/kube-policy:latest
+          imagePullPolicy: IfNotPresent
+          ports:
+          - containerPort: 443
+          securityContext:
+            privileged: true