diff --git a/pod-configs/orchestrator/cluster/main.tf b/pod-configs/orchestrator/cluster/main.tf
index e83aaa35f..2a4c46a8b 100644
--- a/pod-configs/orchestrator/cluster/main.tf
+++ b/pod-configs/orchestrator/cluster/main.tf
@@ -39,7 +39,7 @@ module "eks" {
   addons                      = var.eks_addons
   eks_version                 = var.eks_version
   max_pods                    = var.eks_max_pods
-  additional_node_groups      = var.eks_additional_node_groups
+  additional_node_groups      = var.enable_observability_node ? var.eks_additional_node_groups : {}
   public_cloud                = var.public_cloud
   enable_cache_registry       = var.enable_cache_registry
   cache_registry              = var.cache_registry
@@ -195,7 +195,7 @@ module "eks_auth" {
 }
 
 module "ec2log" {
-  count             = var.enable_ec2log ? 1 : 0
+  count             = var.enable_ec2log && var.enable_observability_node ? 1 : 0
   depends_on        = [time_sleep.wait_eks]
   source            = "../../module/ec2log"
   cluster_name      = var.eks_cluster_name
diff --git a/pod-configs/orchestrator/cluster/variable.tf b/pod-configs/orchestrator/cluster/variable.tf
index 4a5a73b47..e03daa006 100644
--- a/pod-configs/orchestrator/cluster/variable.tf
+++ b/pod-configs/orchestrator/cluster/variable.tf
@@ -418,4 +418,8 @@ variable "eks_cluster_dns_ip" {
   description = "IP address of the DNS server for the cluster, leave empty to use the default DNS server"
 }
 
-
+variable "enable_observability_node" {
+  type        = bool
+  default     = false
+  description = "Whether to create the observability node group"
+}
diff --git a/pod-configs/utils/provision.sh b/pod-configs/utils/provision.sh
index 4b91f3f5c..e9ee5e9dd 100755
--- a/pod-configs/utils/provision.sh
+++ b/pod-configs/utils/provision.sh
@@ -1885,6 +1885,9 @@ smtp_from=""
 tls_key=""
 tls_cert=""
 ca_cert=""
+
+# Launch an additional EC2 instance dedicated to observability (true/false)
+enable_observability_node="false"
 EOF
 
         if $AUTO_CERT; then