diff --git a/local.tf b/local.tf
index 704b5cdcb2..4ea1b72ffb 100644
--- a/local.tf
+++ b/local.tf
@@ -64,6 +64,7 @@ locals {
 service_linked_role_arn = "" # Arn of custom service linked role that Auto Scaling group will use. Useful when you have encrypted EBS
 termination_policies = [] # A list of policies to decide how the instances in the auto scale group should be terminated.
 platform = "linux" # Platform of workers. either "linux" or "windows"
+ additional_ebs_volumes = [] # A list of additional volumes to be attached to the instances on this Auto Scaling group. Each volume should be an object with the following: block_device_name (required), volume_size, volume_type, iops, encrypted, kms_key_id (only on launch-template), delete_on_termination. Optional values are grabbed from root volume or from defaults
 # Settings for launch templates
 root_block_device_name = data.aws_ami.eks_worker.root_device_name # Root device name for workers. If non is provided, will assume default AMI was used.
 root_kms_key_id = "" # The KMS key to use when encrypting the root storage device
diff --git a/workers.tf b/workers.tf
index ce2b27c601..2eed088c4f 100644
--- a/workers.tf
+++ b/workers.tf
@@ -223,6 +223,36 @@ resource "aws_launch_configuration" "workers" {
 delete_on_termination = true
 }
+ dynamic "ebs_block_device" {
+ for_each = lookup(var.worker_groups[count.index], "additional_ebs_volumes", local.workers_group_defaults["additional_ebs_volumes"])
+
+ content {
+ device_name = ebs_block_device.value.block_device_name
+ volume_size = lookup(
+ ebs_block_device.value,
+ "volume_size",
+ local.workers_group_defaults["root_volume_size"],
+ )
+ volume_type = lookup(
+ ebs_block_device.value,
+ "volume_type",
+ local.workers_group_defaults["root_volume_type"],
+ )
+ iops = lookup(
+ ebs_block_device.value,
+ "iops",
+ local.workers_group_defaults["root_iops"],
+ )
+ encrypted = lookup(
+ ebs_block_device.value,
+ "encrypted",
+ local.workers_group_defaults["root_encrypted"],
+ )
+ delete_on_termination = lookup(ebs_block_device.value, "delete_on_termination", true)
+ }
+
+ }
+
 lifecycle {
 create_before_destroy = true
 }
diff --git a/workers_launch_template.tf b/workers_launch_template.tf
index 52ec738588..4eea118167 100644
--- a/workers_launch_template.tf
+++ b/workers_launch_template.tf
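Review bot: The fallbacks inside the added `ebs_block_device` block read only `local.workers_group_defaults["root_*"]`, so a worker group's own root-volume settings are never consulted, although the new comment in local.tf says optional values are "grabbed from root volume or from defaults". For `encrypted` this matters most: if a group sets `root_encrypted` itself and the module default is off (the default is not visible in this diff), an additional volume that omits `encrypted` would be created unencrypted without any warning. I would chain the lookup through the group first, e.g. `encrypted = lookup(ebs_block_device.value, "encrypted", lookup(var.worker_groups[count.index], "root_encrypted", local.workers_group_defaults["root_encrypted"]))`. The `block_device_mappings` hunk in workers_launch_template.tf has the same pattern, and there `kms_key_id` falls back to the module default, which the local.tf context shows as `""`, so a key configured on the group's root volume would not carry over to its additional volumes. Both resource bodies continue outside their hunks, so how the root device resolves these values is inferred rather than visible.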
@@ -351,6 +351,43 @@ resource "aws_launch_template" "workers_launch_template" {
 }
 }
+ dynamic "block_device_mappings" {
+ for_each = lookup(var.worker_groups_launch_template[count.index], "additional_ebs_volumes", local.workers_group_defaults["additional_ebs_volumes"])
+ content {
+ device_name = block_device_mappings.value.block_device_name
+
+ ebs {
+ volume_size = lookup(
+ block_device_mappings.value,
+ "volume_size",
+ local.workers_group_defaults["root_volume_size"],
+ )
+ volume_type = lookup(
+ block_device_mappings.value,
+ "volume_type",
+ local.workers_group_defaults["root_volume_type"],
+ )
+ iops = lookup(
+ block_device_mappings.value,
+ "iops",
+ local.workers_group_defaults["root_iops"],
+ )
+ encrypted = lookup(
+ block_device_mappings.value,
+ "encrypted",
+ local.workers_group_defaults["root_encrypted"],
+ )
+ kms_key_id = lookup(
+ block_device_mappings.value,
+ "kms_key_id",
+ local.workers_group_defaults["root_kms_key_id"],
+ )
+ delete_on_termination = lookup(block_device_mappings.value, "delete_on_termination", true)
+ }
+ }
+
+ }
+
 tag_specifications {
 resource_type = "volume"