diff --git a/cluster/addons/dashboard/OWNERS b/cluster/addons/dashboard/OWNERS
new file mode 100644
index 00000000000..222788b954c
--- /dev/null
+++ b/cluster/addons/dashboard/OWNERS
@@ -0,0 +1,6 @@
+approvers:
+- floreks
+- maciaszczykm
+reviewers:
+- floreks
+- maciaszczykm
diff --git a/cluster/addons/dashboard/dashboard-controller.yaml b/cluster/addons/dashboard/dashboard-controller.yaml
index c8869917c97..a5744cd319f 100644
--- a/cluster/addons/dashboard/dashboard-controller.yaml
+++ b/cluster/addons/dashboard/dashboard-controller.yaml
@@ -7,7 +7,7 @@ metadata:
   name: kubernetes-dashboard
   namespace: kube-system
 ---
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: kubernetes-dashboard
@@ -30,7 +30,7 @@ spec:
       priorityClassName: system-cluster-critical
       containers:
       - name: kubernetes-dashboard
-        image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.0
+        image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3
         resources:
           limits:
             cpu: 100m
@@ -57,7 +57,8 @@ spec:
           timeoutSeconds: 30
       volumes:
       - name: kubernetes-dashboard-certs
-        emptyDir: {}
+        secret:
+          secretName: kubernetes-dashboard-certs
       - name: tmp-volume
         emptyDir: {}
       serviceAccountName: kubernetes-dashboard
diff --git a/cluster/addons/dashboard/dashboard-rbac.yaml b/cluster/addons/dashboard/dashboard-rbac.yaml
index 658ffd94861..3c222b21db1 100644
--- a/cluster/addons/dashboard/dashboard-rbac.yaml
+++ b/cluster/addons/dashboard/dashboard-rbac.yaml
@@ -7,10 +7,6 @@ metadata:
   name: kubernetes-dashboard-minimal
   namespace: kube-system
 rules:
-  # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
-- apiGroups: [""]
-  resources: ["secrets"]
-  verbs: ["create"]
   # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
 - apiGroups: [""]
   resources: ["secrets"]
@@ -26,6 +22,10 @@ rules:
   resources: ["services"]
   resourceNames: ["heapster"]
   verbs: ["proxy"]
+- apiGroups: [""]
+  resources: ["services/proxy"]
+  resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
+  verbs: ["get"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
diff --git a/cluster/addons/dashboard/dashboard-secret.yaml b/cluster/addons/dashboard/dashboard-secret.yaml
index f26235bec3b..a79b6a7ce34 100644
--- a/cluster/addons/dashboard/dashboard-secret.yaml
+++ b/cluster/addons/dashboard/dashboard-secret.yaml
@@ -8,3 +8,14 @@ metadata:
   name: kubernetes-dashboard-certs
   namespace: kube-system
 type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+    # Allows editing resource and makes sure it is created first.
+    addonmanager.kubernetes.io/mode: EnsureExists
+  name: kubernetes-dashboard-key-holder
+  namespace: kube-system
+type: Opaque