diff --git a/.infrastructure/app/cluster.yml b/.infrastructure/app/cluster.yml
new file mode 100644
index 0000000..56bbf69
--- /dev/null
+++ b/.infrastructure/app/cluster.yml
@@ -0,0 +1,53 @@
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+
+# Patch the generated kubeadm config with some extra settings
+kubeadmConfigPatches:
+ - |
+ apiVersion: kubelet.config.k8s.io/v1beta1
+ kind: KubeletConfiguration
+ evictionHard:
+ nodefs.available: "0%"
+# Patch it further using a JSON 6902 patch
+kubeadmConfigPatchesJSON6902:
+ - group: kubeadm.k8s.io
+ version: v1beta3
+ kind: ClusterConfiguration
+ patch: |
+ - op: add
+ path: /apiServer/certSANs/-
+ value: my-hostname
+# 2 control plane nodes and 2 workers
+nodes:
+ # The control plane node config
+ - role: control-plane
+ extraMounts:
+ - hostPath: /tmp
+ containerPath: /data
+ kubeadmConfigPatches:
+ - |
+ kind: InitConfiguration
+ nodeRegistration:
+ kubeletExtraArgs:
+ node-labels: "ingress-ready=true"
+ extraPortMappings:
+ - containerPort: 30007
+ hostPort: 30007
+ - containerPort: 30008
+ hostPort: 30008
+ - containerPort: 80
+ hostPort: 80
+ protocol: TCP
+ - containerPort: 443
+ hostPort: 443
+ protocol: TCP
+
+ # The worker nodes
+ - role: worker
+ extraMounts:
+ - hostPath: /tmp
+ containerPath: /data
+ - role: worker
+ extraMounts:
+ - hostPath: /tmp
+ containerPath: /data
\ No newline at end of file
diff --git a/.infrastructure/app/deployment.yml b/.infrastructure/app/deployment.yml
index 6d86d03..edfeaed 100644
--- a/.infrastructure/app/deployment.yml
+++ b/.infrastructure/app/deployment.yml
@@ -74,13 +74,13 @@ spec:
 httpGet:
 path: api/health
 port: 8080
- initialDelaySeconds: 60
+ initialDelaySeconds: 120
 periodSeconds: 5
 readinessProbe:
 httpGet:
 path: api/ready
 port: 8080
- initialDelaySeconds: 5
+ initialDelaySeconds: 120
 periodSeconds: 5
 volumes:
 - name: data
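Review bot: The comment `# 2 control plane nodes and 2 workers` does not match the node list below it, which defines one `control-plane` role and two `worker` roles; either add the second control-plane entry or change the comment to `# 1 control plane node and 2 workers`. `value: my-hostname` in the certSANs JSON6902 patch reads like a placeholder that was never filled in, so the API server certificate will carry a SAN nothing resolves to; set it to the name actually used to reach the API server or remove the patch. Every node also mounts the host's `/tmp` at `/data`; `/tmp` is world-writable on the host, so any local process can plant files that a pod mounting `/data` would later see, and a dedicated directory (for example a project-local `./.kind-data`, name constructed here) would be a safer choice even for a dev cluster. `nodefs.available: "0%"` disables disk-pressure eviction entirely and deserves a comment stating that this is a deliberate local-development setting.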
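Review bot: The readiness probe's new `initialDelaySeconds: 120` keeps every new replica out of the Service endpoints for two full minutes even when the app is ready much sooner, which stalls rollouts and HPA scale-outs; readiness should stay short and the slow start handled by a `startupProbe`, after which the liveness `initialDelaySeconds: 120` becomes unnecessary because liveness checks do not begin until the startup probe succeeds. As written, both probes now encode the same guess at startup time, so a future edit to one will silently drift from the other. The container spec these probes belong to starts and ends outside this hunk; `startupProbe` needs a Kubernetes version with that field, which I believe kind's default node images provide. Suggested shape:

```yaml
          startupProbe:
            httpGet:
              path: api/health
              port: 8080
            periodSeconds: 5
            failureThreshold: 24   # up to 120 s for the app to come up
          livenessProbe:
            httpGet:
              path: api/health
              port: 8080
            periodSeconds: 5
          readinessProbe:
            httpGet:
              path: api/ready
              port: 8080
            initialDelaySeconds: 5
            periodSeconds: 5
          # … unchanged: volumes …
```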
@@ -91,4 +91,4 @@ spec:
 secretName: app-secret
 - name: app-config-volume
 configMap:
- name: app-config
\ No newline at end of file
+ name: app-config
diff --git a/.infrastructure/app/secret.yml b/.infrastructure/app/secret.yml
index ca8de35..8db306f 100644
--- a/.infrastructure/app/secret.yml
+++ b/.infrastructure/app/secret.yml
@@ -5,8 +5,8 @@ metadata:
 namespace: todoapp
 type: Opaque
 data:
- SECRET_KEY: QGUyKHl4KXYmdGdoM19zPTB5amEtaSFkcGVieHN6XmRnNDd4KS1rJmtxXzN6Zio5ZSoK
- DB_NAME: "YXBwX2RiCg=="
+ SECRET_KEY: "QGUyKHl4KXYmdGdoM19zPTB5amEtaSFkcGVieHN6XmRnNDd4KS1rJmtxXzN6Zio5ZSoK"
+ DB_NAME: "YXBwX2Ri"
 DB_USER: "YXBwX3VzZXI="
 DB_PASSWORD: "MTIzNA=="
- DB_HOST: "bXlzcWwtMC5teXNxbC5teXNxbC5zdmMuY2x1c3Rlci5sb2NhbAo="
\ No newline at end of file
+ DB_HOST: "bXlzcWwtMC5teXNxbC5teXNxbC5zdmMuY2x1c3Rlci5sb2NhbAo="
diff --git a/.infrastructure/security/rbac.yml b/.infrastructure/security/rbac.yml
new file mode 100644
index 0000000..752da4d
--- /dev/null
+++ b/.infrastructure/security/rbac.yml
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: secrets-reader
+ namespace: todoapp
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: secrets-reader
+ namespace: todoapp
+rules:
+- apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["list", "get"]
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: secrets-reader-binding
+ namespace: todoapp
+subjects:
+- kind: ServiceAccount
+ name: secrets-reader
+roleRef:
+ kind: Role
+ name: secrets-reader
+ apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/README.md b/README.md
index e876337..da6d67e 100644
--- a/README.md
+++ b/README.md
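Review bot: The trailing-newline fix applied to `DB_NAME` (the old `Cg==` suffix encoded `"\n"`) was not applied to the other two values in this hunk: the re-added `DB_HOST` still decodes to `mysql-0.mysql.mysql.svc.cluster.local` followed by a newline, and `SECRET_KEY` likewise ends in a newline (its `...ZSoK` tail), the usual result of `echo value | base64` rather than `printf '%s' value | base64`. A hostname with a trailing newline is unlikely to resolve, so the new line should be `DB_HOST: "bXlzcWwtMC5teXNxbC5teXNxbC5zdmMuY2x1c3Rlci5sb2NhbA=="`, and `SECRET_KEY` should be re-encoded the same way. Independently of the newline bug, this manifest commits live credentials to version control in base64, which is encoding rather than protection, and `DB_PASSWORD` decodes to a trivially guessable value; the committed file should hold placeholders with the real values injected at deploy time (an untracked overlay, an external or sealed secret), and the existing values rotated since they are now in history.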
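Review bot: The `secrets-reader` Role grants `list` on every Secret in `todoapp`, and a `list` response carries each Secret's full `data`, so this service account can read `app-secret` and anything created in the namespace later, not just the one object it needs; least privilege here is `verbs: ["get"]` plus `resourceNames: ["app-secret"]` under the rule, and `list` has to go because `resourceNames` does not constrain it. The RoleBinding subject omits `namespace`; for a RoleBinding the authorizer defaults it to the binding's own namespace as far as I know, but writing `namespace: todoapp` explicitly makes the grant self-describing and survives a later copy into a ClusterRoleBinding, where it is required. A header comment naming the workload that is meant to run as `secrets-reader` would also help, since nothing in this diff sets a `serviceAccountName`.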
@@ -43,3 +43,36 @@ Now you can browse the [API](http://localhost:8000/api/) or start on the [landin
 1. Make a screenshot of the output and attach it to the PR
 1. `README.md` should have instructuions on how to validate the changes
 1. Create PR with your changes and attach it for validation on a platform.
+
+
+## Steps to Deploy
+
+1.Use kind to create a Kubernetes cluster:
+```bash
+kind create cluster --config=cluster.yml
+```
+
+2.Deploy the Application
+```bash
+./bootstrap.sh
+```
+
+3. Access the Pod's Shell:`
+```bash
+kubectl exec -it -n todoapp -- sh
+```
+
+4. Set Up the Necessary Variables:
+```bash
+Inside the shell, define the variables for the API server, token, and CA certificate:
+APISERVER=https://kubernetes.default.svc
+SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount
+TOKEN=$(cat ${SERVICEACCOUNT}/token)
+CACERT=${SERVICEACCOUNT}/ca.crt
+```
+
+5. Execute the Curl Command to List Pods
+```bash
+curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" -X GET ${APISERVER}/api/v1/namespaces/todoapp/secrets
+```
+
diff --git a/bootstrap.sh b/bootstrap.sh
index 2d534d7..8fabbc1 100644
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -13,8 +13,9 @@ kubectl apply -f .infrastructure/app/configMap.yml
 kubectl apply -f .infrastructure/app/clusterIp.yml
 kubectl apply -f .infrastructure/app/nodeport.yml
 kubectl apply -f .infrastructure/app/hpa.yml
+kubectl apply -f .infrastructure/security/rbac.yml
 kubectl apply -f .infrastructure/app/deployment.yml
 
 # Install Ingress Controller
 kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
-# kubectl apply -f .infrastructure/ingress/ingress.yml
+kubectl apply -f .infrastructure/ingress/ingress.yml
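Review bot: Applying `ingress.yml` on the line right after the ingress-nginx `deploy.yaml` is likely to fail on a fresh kind cluster, because that manifest registers a validating admission webhook for Ingress objects and the controller pod is not up yet, so the apply is rejected with a webhook connection error. Insert a readiness wait between the two lines, for example `kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=120s`. The controller manifest is also fetched from the `main` branch on every run, so what gets installed changes without review; pinning the URL to a release tag (a `controller-vX.Y.Z` placeholder here, take the real tag from the project's releases) makes the bootstrap reproducible. The script's header is outside this hunk, so I cannot tell whether `set -e` is in effect and a failed apply would stop the run rather than leave a half-deployed cluster.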