diff --git a/cluster/addons/rbac/apiserver-node-proxy-binding.yaml b/cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml
similarity index 69%
rename from cluster/addons/rbac/apiserver-node-proxy-binding.yaml
rename to cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml
index 8bfe366edb5..65f72f15dfb 100644
--- a/cluster/addons/rbac/apiserver-node-proxy-binding.yaml
+++ b/cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml
@@ -1,14 +1,15 @@
+# This binding gives the kube-apiserver user full access to the kubelet API
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
 metadata:
-  name: apiserver-node-proxy
+  name: kube-apiserver-kubelet-api-admin
   labels:
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: node-proxy
+  name: kubelet-api-admin
 subjects:
 - apiGroup: rbac.authorization.k8s.io
   kind: User
diff --git a/cluster/addons/rbac/node-proxy-role.yaml b/cluster/addons/rbac/kubelet-api-admin-role.yaml
similarity index 77%
rename from cluster/addons/rbac/node-proxy-role.yaml
rename to cluster/addons/rbac/kubelet-api-admin-role.yaml
index 03a7f944c33..09eb1d1b37f 100644
--- a/cluster/addons/rbac/node-proxy-role.yaml
+++ b/cluster/addons/rbac/kubelet-api-admin-role.yaml
@@ -1,7 +1,8 @@
+# This role allows full access to the kubelet API
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRole
 metadata:
-  name: node-proxy
+  name: kubelet-api-admin
   labels:
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
@@ -10,15 +11,9 @@ rules:
   - ""
   resources:
   - nodes/proxy
-  verbs:
-  - create
-  - get
-- apiGroups:
-  - ""
-  resources:
   - nodes/log
   - nodes/stats
   - nodes/metrics
   - nodes/spec
   verbs:
-  - get
+  - "*"