diff --git a/opensearch_domain.tf b/opensearch_domain.tf
index e0ecb4c..c04725c 100644
--- a/opensearch_domain.tf
+++ b/opensearch_domain.tf
@@ -18,6 +18,7 @@ resource "aws_opensearch_domain" "default" {
   advanced_security_options {
     enabled                        = var.advanced_security_options_enabled
     internal_user_database_enabled = var.advanced_security_options_internal_user_database_enabled
+    anonymous_auth_enabled         = var.advanced_security_options_anonymous_auth_enabled
     master_user_options {
       master_user_arn      = var.advanced_security_options_master_user_arn
       master_user_name     = var.advanced_security_options_master_user_name
diff --git a/variables.tf b/variables.tf
index 43df291..4bcd373 100644
--- a/variables.tf
+++ b/variables.tf
@@ -463,3 +463,9 @@ variable "auto_tune" {
     error_message = "Variable auto_tune.rollback_on_disable valid values: DEFAULT_ROLLBACK or NO_ROLLBACK."
   }
 }
+
+variable "advanced_security_options_anonymous_auth_enabled" {
+  type        = bool
+  default     = false
+  description = "Whether Anonymous auth is enabled. Enables fine-grained access control on an existing domain"
+}