diff --git a/main.tf b/main.tf
index 21fc23f..3fd87a1 100644
--- a/main.tf
+++ b/main.tf
@@ -128,7 +128,7 @@ resource "azurerm_key_vault_key" "kvkey" {
   depends_on      = [azurerm_role_assignment.identity_assigned]
   count           = var.enabled && var.default_enabled == false ? 1 : 0
   name            = format("storage-%s-cmk-key", module.labels.id)
-  expiration_date = "2023-12-31T18:29:59Z"
+  expiration_date = var.expiration_date
   key_vault_id    = var.key_vault_id
   key_type        = "RSA"
   key_size        = 2048
diff --git a/variables.tf b/variables.tf
index 41732a5..e1867c6 100644
--- a/variables.tf
+++ b/variables.tf
@@ -180,6 +180,12 @@ variable "key_vault_id" {
   default = null
 }
 
+variable "expiration_date" {
+  type        = string
+  default     = "2023-12-31T18:29:59Z"
+  description = "Expiration UTC datetime (Y-m-d'T'H:M:S'Z')"
+}
+
 variable "shared_access_key_enabled" {
   type        = bool
   default     = true