diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 0fe0dd5e5..45912786b 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -5,6 +5,10 @@ bin_dir: /usr/local/bin
 # Note: ensure that you've enough disk space (about 1G)
 local_release_dir: "/tmp/releases"
 
+# This is the group that the cert creation scripts chgrp the
+# cert files to. Not really changable...
+kube_cert_group: kube-cert
+
 # Cluster Loglevel configuration
 kube_log_level: 2
 
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index 89f878aa0..4598e0156 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -1,10 +1,6 @@
 ---
 local_release_dir: /tmp
 
-# This is the group that the cert creation scripts chgrp the
-# cert files to. Not really changable...
-kube_cert_group: kube-cert
-
 # Versions
 kube_version: v1.1.4
 etcd_version: v2.2.4
diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 1601d5598..24ac9732d 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -24,10 +24,6 @@ kube_users_dir: "{{ kube_config_dir }}/users"
 # pods on startup
 kube_manifest_dir: "{{ kube_config_dir }}/manifests"
 
-# This is the group that the cert creation scripts chgrp the
-# cert files to. Not really changable...
-kube_cert_group: kube-cert
-
 dns_domain: "{{ cluster_name }}"
 
 kube_proxy_mode: userspace
diff --git a/roles/kubernetes/node/tasks/main.yml b/roles/kubernetes/node/tasks/main.yml
index 387f5bf72..e34284352 100644
--- a/roles/kubernetes/node/tasks/main.yml
+++ b/roles/kubernetes/node/tasks/main.yml
@@ -8,10 +8,6 @@
 - name: Make sure manifest directory exists
   file: path={{ kube_manifest_dir }} state=directory
 
-
-- name: certs | create system kube-cert groups
-  group: name={{ kube_cert_group }} state=present system=yes
-
 - include: secrets.yml
   tags:
     - secrets