diff --git a/files/local/local-path-provisioner-Deployment.yaml b/files/local/local-path-provisioner-Deployment.yaml
index 5b0d665..b2de1af 100644
--- a/files/local/local-path-provisioner-Deployment.yaml
+++ b/files/local/local-path-provisioner-Deployment.yaml
@@ -16,7 +16,7 @@ spec:
       serviceAccountName: local-path-provisioner-service-account
       containers:
       - name: local-path-provisioner
-        image: rancher/local-path-provisioner:v0.0.15
+        image: rancher/local-path-provisioner:v0.0.14
         imagePullPolicy: IfNotPresent
         command:
         - local-path-provisioner
diff --git a/files/nfs/leader-locking-nfs-provisioner-RoleBinding.yaml b/files/nfs/leader-locking-nfs-provisioner-RoleBinding.yaml
index d0dd6aa..9d35d9e 100644
--- a/files/nfs/leader-locking-nfs-provisioner-RoleBinding.yaml
+++ b/files/nfs/leader-locking-nfs-provisioner-RoleBinding.yaml
@@ -6,7 +6,7 @@ subjects:
   - kind: ServiceAccount
     name: nfs-provisioner
     # replace with namespace where provisioner is deployed
-    namespace: nfs-provisioner
+    namespace: default
 roleRef:
   kind: Role
   name: leader-locking-nfs-provisioner
diff --git a/files/nfs/run-nfs-provisioner-ClusterRoleBinding.yaml b/files/nfs/run-nfs-provisioner-ClusterRoleBinding.yaml
index 847b86e..4478734 100644
--- a/files/nfs/run-nfs-provisioner-ClusterRoleBinding.yaml
+++ b/files/nfs/run-nfs-provisioner-ClusterRoleBinding.yaml
@@ -6,7 +6,7 @@ subjects:
   - kind: ServiceAccount
     name: nfs-provisioner
      # replace with namespace where provisioner is deployed
-    namespace: nfs-provisioner
+    namespace: default
 roleRef:
   kind: ClusterRole
   name: nfs-provisioner-runner
diff --git a/files/secrets-store/csi-secrets-store-DaemonSet.yaml b/files/secrets-store/csi-secrets-store-DaemonSet.yaml
index d06f605..e88104e 100644
--- a/files/secrets-store/csi-secrets-store-DaemonSet.yaml
+++ b/files/secrets-store/csi-secrets-store-DaemonSet.yaml
@@ -12,6 +12,8 @@ spec:
       labels:
         app: csi-secrets-store
     spec:
+      nodeSelector:
+        beta.kubernetes.io/os: linux
       serviceAccountName: secrets-store-csi-driver
       hostNetwork: true
       containers:
@@ -43,13 +45,12 @@ spec:
             - name: registration-dir
               mountPath: /registration
         - name: secrets-store
-          image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12
+          image: docker.io/deislabs/secrets-store-csi:v0.0.11
           args:
             - "--debug=true"
             - "--endpoint=$(CSI_ENDPOINT)"
             - "--nodeid=$(KUBE_NODE_NAME)"
             - "--provider-volume=/etc/kubernetes/secrets-store-csi-providers"
-            - "--metrics-addr=:8080"
           env:
             - name: CSI_ENDPOINT
               value: unix:///csi/csi.sock
@@ -82,13 +83,12 @@ spec:
             - name: providers-dir
               mountPath: /etc/kubernetes/secrets-store-csi-providers
         - name: liveness-probe
-          image: quay.io/k8scsi/livenessprobe:v2.0.0
+          image: quay.io/k8scsi/livenessprobe:v1.1.0
           imagePullPolicy: Always
           args:
           - --csi-address=/csi/csi.sock
           - --probe-timeout=3s
           - --health-port=9808
-          - -v=2
           volumeMounts:
             - name: plugin-dir
               mountPath: /csi
@@ -109,5 +109,3 @@ spec:
           hostPath:
             path: /etc/kubernetes/secrets-store-csi-providers
             type: DirectoryOrCreate
-      nodeSelector:
-        kubernetes.io/os: linux
diff --git a/files/secrets-store/secretproviderclasses-role-ClusterRole.yaml b/files/secrets-store/secretproviderclasses-role-ClusterRole.yaml
index 0ae0e1b..093e607 100644
--- a/files/secrets-store/secretproviderclasses-role-ClusterRole.yaml
+++ b/files/secrets-store/secretproviderclasses-role-ClusterRole.yaml
@@ -11,7 +11,6 @@ rules:
   - get
   - list
   - update
-  - watch
 - apiGroups:
   - secrets-store.csi.x-k8s.io
   resources:
@@ -20,7 +19,6 @@ rules:
   - get
   - patch
   - update
-  - watch
 - apiGroups:
   - ""
   resources:
@@ -30,26 +28,3 @@ rules:
   - delete
   - get
   - update
-  - patch
-  - list
-  - watch
-- apiGroups:
-  - secrets-store.csi.x-k8s.io
-  resources:
-  - secretproviderclasspodstatuses
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - secrets-store.csi.x-k8s.io
-  resources:
-  - secretproviderclasspodstatuses/status
-  verbs:
-  - get
-  - update
-  - patch
diff --git a/files/secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml b/files/secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml
index 9b0466b..117a6b7 100644
--- a/files/secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml
+++ b/files/secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.3.0
+    controller-gen.kubebuilder.io/version: v0.2.4
   creationTimestamp: null
   name: secretproviderclasses.secrets-store.csi.x-k8s.io
 spec:
@@ -21,12 +21,12 @@ spec:
         apiVersion:
           description: 'APIVersion defines the versioned schema of this representation
             of an object. Servers should convert recognized schemas to the latest
-            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
           type: string
         kind:
           description: 'Kind is a string value representing the REST resource this
             object represents. Servers may infer this from the endpoint the client
-            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
           type: string
         metadata:
           type: object
diff --git a/vars/nfs.yml b/vars/nfs.yml
deleted file mode 100644
index de8e5f3..0000000
--- a/vars/nfs.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-store_nfs_files:
-  - "nfs-provisioner-PodSecurityPolicy.yaml"
-  - "nfs-provisioner-runner-ClusterRole.yaml"
-  - "run-nfs-provisioner-ClusterRoleBinding.yaml"
-  - "leader-locking-nfs-provisioner-Role.yaml"
-  - "leader-locking-nfs-provisioner-RoleBinding.yaml"
-  - "nfs-provisioner-ServiceAccount.yaml"
-  - "nfs-provisioner-Service.yaml"
-  - "nfs-provisioner-Deployment.yaml"
-  - "StorageClass.yaml"
diff --git a/vars/secrets_store_files_list.yml b/vars/secrets_store_files_list.yml
index be2b01b..fcdd787 100644
--- a/vars/secrets_store_files_list.yml
+++ b/vars/secrets_store_files_list.yml
@@ -1,8 +1,8 @@
 ---
 secrets_store_files:
-  - "secrets-store/secretproviderclasses-role-ClusterRole.yaml"
   - "secrets-store/secrets-store-csi-driver-ServiceAccount.yaml"
   - "secrets-store/secretproviderclasses-rolebinding-ClusterRoleBinding.yaml"
+  - "secrets-store/secretproviderclasses-role-ClusterRole.yaml"
   - "secrets-store/secrets-store.csi.k8s.io-CSIDriver.yaml"
   - "secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml"
   - "secrets-store/csi-secrets-store-DaemonSet.yaml"