diff --git a/roles/kubernetes/master/defaults/main/main.yml b/roles/kubernetes/master/defaults/main/main.yml
index 0ca43ef36..bf5efa6a1 100644
--- a/roles/kubernetes/master/defaults/main/main.yml
+++ b/roles/kubernetes/master/defaults/main/main.yml
@@ -72,6 +72,7 @@ kubernetes_audit_webhook: false
 # path to audit webhook config file
 audit_webhook_config_file: "{{ kube_config_dir }}/audit-policy/apiserver-audit-webhook-config.yaml"
 audit_webhook_server_url: "https://audit.app"
+audit_webhook_server_extra_args: {}
 audit_webhook_mode: batch
 audit_webhook_batch_max_size: 100
 audit_webhook_batch_max_wait: 1s
diff --git a/roles/kubernetes/master/templates/apiserver-audit-webhook-config.yaml.j2 b/roles/kubernetes/master/templates/apiserver-audit-webhook-config.yaml.j2
index 497c247cc..cd8208e9b 100644
--- a/roles/kubernetes/master/templates/apiserver-audit-webhook-config.yaml.j2
+++ b/roles/kubernetes/master/templates/apiserver-audit-webhook-config.yaml.j2
@@ -3,6 +3,9 @@ kind: Config
 clusters:
 - cluster:
     server: {{ audit_webhook_server_url }}
+{% for key in audit_webhook_server_extra_args %}
+    {{ key }}: "{{ audit_webhook_server_extra_args[key] }}"
+{% endfor %}
   name: auditsink
 contexts:
 - context: