diff --git a/README.md b/README.md
index 422e84b..67b4d14 100644
--- a/README.md
+++ b/README.md
@@ -53,6 +53,10 @@ module "network" {
 subnet_prefixes = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
 subnet_names = ["subnet1", "subnet2", "subnet3"]

+ subnet_enforce_private_link_endpoint_network_policies = {
+ "subnet1" : true
+ }
+
 tags = {
 environment = "dev"
 costcenter = "it"
diff --git a/main.tf b/main.tf
index 780f211..acb0a19 100644
--- a/main.tf
+++ b/main.tf
@@ -13,9 +13,10 @@ resource "azurerm_virtual_network" "vnet" {
 }

 resource "azurerm_subnet" "subnet" {
- count = length(var.subnet_names)
- name = var.subnet_names[count.index]
- resource_group_name = data.azurerm_resource_group.network.name
- address_prefixes = [var.subnet_prefixes[count.index]]
- virtual_network_name = azurerm_virtual_network.vnet.name
+ count = length(var.subnet_names)
+ name = var.subnet_names[count.index]
+ resource_group_name = data.azurerm_resource_group.network.name
+ address_prefixes = [var.subnet_prefixes[count.index]]
+ virtual_network_name = azurerm_virtual_network.vnet.name
+ enforce_private_link_endpoint_network_policies = lookup(var.subnet_enforce_private_link_endpoint_network_policies, var.subnet_names[count.index], false)
 }
diff --git a/test/fixture/main.tf b/test/fixture/main.tf
index fda5acc..c84adc4 100644
--- a/test/fixture/main.tf
+++ b/test/fixture/main.tf
@@ -18,6 +18,10 @@ module "network" {
 subnet_prefixes = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
 subnet_names = ["subnet1", "subnet2", "subnet3"]

+ subnet_enforce_private_link_endpoint_network_policies = {
+ "subnet1" : true
+ }
+
 tags = {
 environment = "dev"
 costcenter = "it"
diff --git a/variables.tf b/variables.tf
index 3a964ab..5d19dfb 100644
--- a/variables.tf
+++ b/variables.tf
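Review bot: In the main.tf hunk, the new `lookup(var.subnet_enforce_private_link_endpoint_network_policies, var.subnet_names[count.index], false)` only ever reads keys that equal an entry in `subnet_names`, so a misspelled or stale key in the map is dropped with no plan-time error and that subnet silently keeps `false`. Because this flag decides whether network policies apply to private endpoints on the subnet, a silent mismatch should be made visible. At minimum I would add a comment above the argument, `# Keys must match var.subnet_names exactly; unmatched keys are ignored and the subnet falls back to false`, and consider a check that every key of the map appears in `var.subnet_names`.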
@@ -42,3 +42,9 @@ variable "tags" {
 environment = "dev"
 }
 }
+
+variable "subnet_enforce_private_link_endpoint_network_policies" {
+ description = "A map with key (string) `subnet name`, value (bool) `true` or `false` to indicate enable or disable network policies for the private link endpoint on the subnet. Default value is false."
+ type = map(bool)
+ default = {}
+}
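Review bot: The new variable's description reads as if `true` enables network policies, but the azurerm provider documents `enforce_private_link_endpoint_network_policies` the other way round: `true` disables network policies for private endpoints on the subnet and `false` keeps them enabled. A consumer who sets `"subnet1" : true` expecting stricter enforcement would get the opposite, and should not assume the subnet's NSG rules filter traffic to private endpoints placed there. I would reword it to `description = "Map of subnet name to bool. true disables network policies for private endpoints on that subnet; false (the default) keeps them enabled."`.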