diff --git a/README.md b/README.md
index ab447fe..eff5517 100644
--- a/README.md
+++ b/README.md
@@ -830,6 +830,14 @@ Type: `string`
 
 Default: `"255.255.255.0"`
 
+### <a name="input_tenant_id"></a> [tenant\_id](#input\_tenant\_id)
+
+Description: (Optional) Value of the tenant id
+
+Type: `string`
+
+Default: `""`
+
 ### <a name="input_traffic_type"></a> [traffic\_type](#input\_traffic\_type)
 
 Description: Traffic type of intent.
diff --git a/keyvault.tf b/keyvault.tf
index fb60050..39920dd 100644
--- a/keyvault.tf
+++ b/keyvault.tf
@@ -1,4 +1,6 @@
-data "azurerm_client_config" "current" {}
+data "azurerm_client_config" "current" {
+  count = var.tenant_id == "" ? 1 : 0
+}
 
 resource "azurerm_key_vault" "deployment_keyvault" {
   count = var.create_key_vault ? 1 : 0
@@ -7,7 +9,7 @@ resource "azurerm_key_vault" "deployment_keyvault" {
   name                            = var.random_suffix ? "${var.keyvault_name}-${random_integer.random_suffix.result}" : var.keyvault_name
   resource_group_name             = local.resource_group_name
   sku_name                        = "standard"
-  tenant_id                       = data.azurerm_client_config.current.tenant_id
+  tenant_id                       = var.tenant_id == "" ? data.azurerm_client_config.current[0].tenant_id : var.tenant_id
   enable_rbac_authorization       = true
   enabled_for_deployment          = true
   enabled_for_disk_encryption     = true
diff --git a/variables.tf b/variables.tf
index 732a777..6a8ddcb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -609,6 +609,12 @@ variable "subnet_mask" {
   description = "The subnet mask for the network."
 }
 
+variable "tenant_id" {
+  type        = string
+  default     = ""
+  description = "(Optional) Value of the tenant id"
+}
+
 variable "traffic_type" {
   type = list(string)
   default = [