diff --git a/omnibus/cookbooks/firezone/attributes/default.rb b/omnibus/cookbooks/firezone/attributes/default.rb
index 2076abc24..e592b86a1 100644
--- a/omnibus/cookbooks/firezone/attributes/default.rb
+++ b/omnibus/cookbooks/firezone/attributes/default.rb
@@ -243,6 +243,12 @@ default['firezone']['database']['parameters'] = {}
 default['firezone']['database']['pool'] = [10, Etc.nprocessors].max
 default['firezone']['database']['extensions'] = { 'plpgsql' => true, 'pg_trgm' => true }
 
+# Create the DB user. Set this to false if the user already exists.
+default['firezone']['database']['create_user'] = true
+
+# Create the DB. Set this to false if the database already exists.
+default['firezone']['database']['create_db'] = true
+
 # Uncomment to specify a database password. Not usually needed if using the bundled Postgresql.
 # default['firezone']['database']['password'] = 'change_me'
 
diff --git a/omnibus/cookbooks/firezone/recipes/database.rb b/omnibus/cookbooks/firezone/recipes/database.rb
index 808b5eecf..aa473c74d 100644
--- a/omnibus/cookbooks/firezone/recipes/database.rb
+++ b/omnibus/cookbooks/firezone/recipes/database.rb
@@ -30,18 +30,22 @@ ENV['PGPORT'] = node['firezone']['database']['port'].to_s
 ENV['PGUSER'] = node['firezone']['database']['user']
 ENV['PGPASSWORD'] = node['firezone']['database']['password']
 
-enterprise_pg_user node['firezone']['database']['user'] do
-  superuser true
-  password node['firezone']['database']['password'] || ''
-  # If the database user is the same as the main postgres user, don't create it.
-  not_if do
-    node['firezone']['database']['user'] ==
-      node['firezone']['postgresql']['username']
+unless node['firezone']['database']['create_user'] == false
+  enterprise_pg_user node['firezone']['database']['user'] do
+    superuser true
+    password node['firezone']['database']['password'] || ''
+    # If the database user is the same as the main postgres user, don't create it.
+    not_if do
+      node['firezone']['database']['user'] ==
+        node['firezone']['postgresql']['username']
+    end
   end
 end
 
-enterprise_pg_database node['firezone']['database']['name'] do
-  owner node['firezone']['database']['user']
+unless node['firezone']['database']['create_db'] == false
+  enterprise_pg_database node['firezone']['database']['name'] do
+    owner node['firezone']['database']['user']
+  end
 end
 
 node['firezone']['database']['extensions'].each do |ext, _enable|