diff --git a/main.tf b/main.tf
index b219ff3..446c652 100644
--- a/main.tf
+++ b/main.tf
@@ -5,6 +5,7 @@
 # Retrieve AWS credentials from env variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
 provider "aws" {
 region = "${var.aws_region}"
+ profile = "${var.aws_profile}"
 }
 
 #####
@@ -178,7 +179,7 @@ data "template_file" "init_master" {
 
 vars {
 kubeadm_token = "${module.kubeadm-token.token}"
- dns_name = "${var.cluster_name}.${var.hosted_zone}"
+ dns_name = "internal.${var.cluster_name}.${var.hosted_zone}"
 ip_address = "${aws_eip.master.public_ip}"
 cluster_name = "${var.cluster_name}"
 addons = "${join(" ", var.addons)}"
@@ -187,7 +188,6 @@ data "template_file" "init_master" {
 asg_min_nodes = "${var.min_worker_count}"
 asg_max_nodes = "${var.max_worker_count}"
 aws_subnets = "${join(" ", concat(var.worker_subnet_ids, list(var.master_subnet_id)))}"
-
 }
 }
 
@@ -196,7 +196,7 @@ data "template_file" "init_node" {
 
 vars {
 kubeadm_token = "${module.kubeadm-token.token}"
- dns_name = "${var.cluster_name}.${var.hosted_zone}"
+ dns_name = "internal.${var.cluster_name}.${var.hosted_zone}"
 }
 }
 
@@ -313,6 +313,12 @@ resource "aws_instance" "master" {
 }
 }
 
+resource "aws_network_interface" "master_private_interfaces" {
+ count = "${length(var.worker_subnet_ids)}"
+ security_groups = ["${aws_security_group.kubernetes.id}"]
+ subnet_id = "${var.worker_subnet_ids[count.index]}"
+ }
+
 resource "aws_eip_association" "master_assoc" {
 instance_id = "${aws_instance.master.id}"
 allocation_id = "${aws_eip.master.id}"
@@ -395,3 +401,11 @@ resource "aws_route53_record" "master" {
 records = ["${aws_eip.master.public_ip}"]
 ttl = 300
 }
+
+resource "aws_route53_record" "master-internal" {
+ zone_id = "${data.aws_route53_zone.dns_zone.zone_id}"
+ name = "internal.${var.cluster_name}.${var.hosted_zone}"
+ type = "A"
+ records = ["${aws_network_interface.master_private_interfaces.*.private_ips}"]
+ ttl = 300
+}
diff --git a/outputs.tf b/outputs.tf
index c31cfb1..f127f2b 100644
--- a/outputs.tf
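Review bot: The comment kept directly above the provider block still says credentials are read from the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY environment variables, but the new `profile = "${var.aws_profile}"` line means a shared-credentials-file profile (defaulting to "default" per variables.tf) is now also in play, so the comment no longer describes how the provider authenticates. Which source wins when both are set follows the provider's credential-resolution order, and stating that is worth a line so an operator is not surprised by a different account being used than the one in their environment. Suggested replacement comment: `# AWS credentials come from the shared-credentials profile named by var.aws_profile or from the env vars AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY; see the AWS provider docs for which takes precedence`.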
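Review bot: In the new `master-internal` record, `records = ["${aws_network_interface.master_private_interfaces.*.private_ips}"]` splats a list-valued attribute, so the interpolation appears to yield a list of lists, which the interpolation syntax used in this file does not flatten by itself; `records = ["${flatten(aws_network_interface.master_private_interfaces.*.private_ips)}"]` is the form that gives a flat list of addresses. The record is also placed in the same zone (`data.aws_route53_zone.dns_zone`) as the public `master` record; if that zone is public, the master's private addresses become resolvable from anywhere, whereas a private hosted zone associated with the VPC would keep the internal name internal. Separately, nothing in this diff attaches the `master_private_interfaces` ENIs to the master instance (the `aws_instance.master` body is outside the hunk), so unless that attachment is done elsewhere the internal name the init templates now hand to kubeadm resolves to addresses on which no API server is listening.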
+++ b/outputs.tf
@@ -12,6 +12,11 @@ output "public_ip" {
 value = "${aws_eip.master.public_ip}"
 }
 
+output "private_ip" {
+ description = "Cluster private IP address"
+ value = "${aws_instance.master.private_ip}"
+}
+
 output "dns" {
 description = "Cluster DNS address"
 value = "${aws_route53_record.master.fqdn}"
diff --git a/variables.tf b/variables.tf
index 6f3b0ac..5539ea8 100644
--- a/variables.tf
+++ b/variables.tf
@@ -3,6 +3,11 @@ variable "aws_region" {
 default = "eu-central-1"
 }
 
+variable "aws_profile" {
+ description = "AWS credentials profile to use"
+ default = "default"
+}
+
 variable "cluster_name" {
 description = "Name of the AWS Kubernetes cluster - will be used to name all created resources"
 }
@@ -77,4 +82,4 @@ variable api_access_cidr {
 default = [ "0.0.0.0/0" ]
-}
\ No newline at end of file
+}
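Review bot: The new `private_ip` output reports `aws_instance.master.private_ip`, the instance's primary address, while the `master-internal` DNS record added in main.tf is built from the `master_private_interfaces` ENI addresses; those can differ, so a consumer of this output and a consumer of the internal name may end up talking to different interfaces. If the internal name is the intended entry point, exposing it as well, e.g. `output "private_dns" { value = "${aws_route53_record.master-internal.fqdn}" }`, or pointing this output at the same ENI addresses, would keep the two consistent. The description should also say which address is meant: `description = "Primary private IP address of the master instance"`.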