diff --git a/cra-config.yaml b/cra-config.yaml
index 9d82065a..e709426a 100644
--- a/cra-config.yaml
+++ b/cra-config.yaml
@@ -9,3 +9,4 @@ CRA_TARGETS:
       TF_VAR_existing_kms_instance_crn: "crn:v1:bluemix:public:hs-crypto:us-south:a/abac0df06b644a9cabc6e44f55b3880e:e6dce284-e80f-46e1-a3c1-830f7adff7a9::"
       TF_VAR_kms_endpoint_url: "https://e6dce284-e80f-46e1-a3c1-830f7adff7a9.api.private.us-south.hs-crypto.appdomain.cloud"
       TF_VAR_cross_region_location: "us"
+      TF_VAR_provider_visibility: "public"
diff --git a/ibm_catalog.json b/ibm_catalog.json
index 4ad560c1..31db8390 100644
--- a/ibm_catalog.json
+++ b/ibm_catalog.json
@@ -134,6 +134,23 @@
               "key": "kms_endpoint_url",
               "required": true
             },
+            {
+              "key": "provider_visibility",
+              "options": [
+                {
+                  "displayname": "private",
+                  "value": "private"
+                },
+                {
+                  "displayname": "public",
+                  "value": "public"
+                },
+                {
+                  "displayname": "public-and-private",
+                  "value": "public-and-private"
+                }
+              ]
+            },
             {
               "key": "existing_kms_root_key_crn"
             },
diff --git a/solutions/standard/provider.tf b/solutions/standard/provider.tf
index 781bedd5..515e60c2 100644
--- a/solutions/standard/provider.tf
+++ b/solutions/standard/provider.tf
@@ -1,10 +1,12 @@
 provider "ibm" {
   ibmcloud_api_key = var.ibmcloud_api_key
   region           = var.region
+  visibility       = var.provider_visibility
 }
 
 provider "ibm" {
   alias            = "kms"
   ibmcloud_api_key = var.ibmcloud_kms_api_key != null ? var.ibmcloud_kms_api_key : var.ibmcloud_api_key
   region           = local.kms_region
+  visibility       = var.provider_visibility
 }
diff --git a/solutions/standard/variables.tf b/solutions/standard/variables.tf
index 241d233d..b6f804d8 100644
--- a/solutions/standard/variables.tf
+++ b/solutions/standard/variables.tf
@@ -7,7 +7,16 @@ variable "ibmcloud_api_key" {
   description = "The API key to use for IBM Cloud."
   sensitive   = true
 }
+variable "provider_visibility" {
+  description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
+  type        = string
+  default     = "private"
 
+  validation {
+    condition     = contains(["public", "private", "public-and-private"], var.provider_visibility)
+    error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
+  }
+}
 variable "use_existing_resource_group" {
   type        = bool
   description = "Whether to use an existing resource group."
diff --git a/tests/pr_test.go b/tests/pr_test.go
index 386f51da..a3085365 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -212,6 +212,7 @@ func TestRunUpgradeDASolution(t *testing.T) {
 		"existing_kms_instance_crn":           permanentResources["hpcs_south_crn"],
 		"kms_endpoint_url":                    permanentResources["hpcs_south_public_endpoint"],
 		"kms_endpoint_type":                   "public",
+		"provider_visibility":                 "public",
 		"management_endpoint_type_for_bucket": "public",
 	}