diff --git a/bootstrap/terraform/gcp-bootstrap/deps.yaml b/bootstrap/terraform/gcp-bootstrap/deps.yaml
index 8dfe7d4eb..90cae4cb1 100644
--- a/bootstrap/terraform/gcp-bootstrap/deps.yaml
+++ b/bootstrap/terraform/gcp-bootstrap/deps.yaml
@@ -2,7 +2,7 @@ apiVersion: plural.sh/v1alpha1
 kind: Dependencies
 metadata:
   description: Creates a GKE cluster and adds initial configuration
-  version: 0.2.18
+  version: 0.2.19
 spec:
   dependencies: []
   providers:
diff --git a/bootstrap/terraform/gcp-bootstrap/main.tf b/bootstrap/terraform/gcp-bootstrap/main.tf
index 8c5933267..1a0ca10e5 100644
--- a/bootstrap/terraform/gcp-bootstrap/main.tf
+++ b/bootstrap/terraform/gcp-bootstrap/main.tf
@@ -63,6 +63,7 @@ module "gke" {
   release_channel            = var.release_channel
   regional                   = var.regional_cluster
   zones                      = var.cluster_zones
+  grant_registry_access      = var.grant_registry_access
 
   node_pools = var.node_pools
 
diff --git a/bootstrap/terraform/gcp-bootstrap/variables.tf b/bootstrap/terraform/gcp-bootstrap/variables.tf
index 70898d429..3f0bfe38c 100644
--- a/bootstrap/terraform/gcp-bootstrap/variables.tf
+++ b/bootstrap/terraform/gcp-bootstrap/variables.tf
@@ -348,4 +348,10 @@ variable "cluster_zones" {
   type        = list(string)
   description = "The zones to host the cluster in (optional if regional cluster / required if zonal)"
   default     = []
-}
\ No newline at end of file
+}
+
+variable "grant_registry_access" {
+  type        = bool
+  description = "Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles."
+  default     = false
+}