diff --git a/README.md b/README.md
index b1944a1..5f5bbdb 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,7 @@ Functional examples are included in the
 | billing\_account\_id | If assigning billing role, specificy a billing account (default is to assign at the organizational level). | `string` | `""` | no |
 | description | Default description of the created service accounts (defaults to no description) | `string` | `""` | no |
 | descriptions | List of descriptions for the created service accounts (elements default to the value of `description`) | `list(string)` | `[]` | no |
+| disabled | A map of service account names to a boolean value indicating whether the service account should be disabled. Service accounts not in this map will be enabled by default. | `map(bool)` | `{}` | no |
 | display\_name | Display names of the created service accounts (defaults to 'Terraform-managed service account') | `string` | `"Terraform-managed service account"` | no |
 | generate\_keys | Generate keys for service accounts. | `bool` | `false` | no |
 | grant\_billing\_role | Grant billing user role. | `bool` | `false` | no |
@@ -60,6 +61,7 @@ Functional examples are included in the
 | Name | Description |
 |------|-------------|
+| disabled | The disabled status of the service accounts. |
 | email | Service account email (for single use). |
 | emails | Service account emails by name. |
 | emails\_list | Service account emails as list. |
diff --git a/examples/disabled_service_accounts/main.tf b/examples/disabled_service_accounts/main.tf
new file mode 100644
index 0000000..f52a4dc
--- /dev/null
+++ b/examples/disabled_service_accounts/main.tf
@@ -0,0 +1,24 @@
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module "service_accounts" { source = "terraform-google-modules/service-accounts/google" version = "~> 4.0" project_id = var.project_id names = ["disabled-sa-1", "enabled-sa-2"] disabled = { "disabled-sa-1" = true "enabled-sa-2" = false } }
diff --git a/examples/disabled_service_accounts/outputs.tf b/examples/disabled_service_accounts/outputs.tf
new file mode 100644
index 0000000..1837914
--- /dev/null
+++ b/examples/disabled_service_accounts/outputs.tf
@@ -0,0 +1,17 @@
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+output "is_disabled" { value = module.service_accounts.disabled }
diff --git a/examples/disabled_service_accounts/variables.tf b/examples/disabled_service_accounts/variables.tf
new file mode 100644
index 0000000..f7c4726
--- /dev/null
+++ b/examples/disabled_service_accounts/variables.tf
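Review bot: The example pins `version = "~> 4.0"` against the registry source while passing `disabled`, an input this commit introduces in the module root, so until a 4.x release containing the variable is published `terraform init` in this example resolves to a version that rejects the argument. If the repository's other examples use the same registry pin on purpose (release follows merge) this is fine, but the example should not be used as a test target before that release; a local `source = "../.."` would exercise the code in this commit instead. I infer from `lookup(var.disabled, each.value, false)` in main.tf that the map keys are the bare account names as written here, so confirm that against the resource's `for_each`.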
@@ -0,0 +1,18 @@
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+variable "project_id" { description = "The project ID to host the service accounts in" type = string }
diff --git a/main.tf b/main.tf
index 61376fd..a7027a0 100644
--- a/main.tf
+++ b/main.tf
@@ -40,6 +40,7 @@ resource "google_service_account" "service_accounts" {
 display_name = var.display_name
 description = index(var.names, each.value) >= length(var.descriptions) ? var.description : element(var.descriptions, index(var.names, each.value))
 project = var.project_id
+ disabled = lookup(var.disabled, each.value, false)
 }
 # common roles
diff --git a/metadata.yaml b/metadata.yaml
index 55e6e4c..202b52f 100644
--- a/metadata.yaml
+++ b/metadata.yaml
@@ -94,6 +94,10 @@ spec:
 description: List of descriptions for the created service accounts (elements default to the value of `description`)
 varType: list(string)
 defaultValue: []
+ - name: disabled description: A map of service account names to a boolean value indicating whether the service account should be disabled. Service accounts not in this map will be enabled by default. varType: map(bool) defaultValue: {}
 outputs:
 - name: email
 description: Service account email (for single use).
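Review bot: `disabled = lookup(var.disabled, each.value, false)` silently ignores any key of `var.disabled` that is not one of the managed account names, so a misspelled key leaves an account the operator meant to lock fully enabled with no plan-time signal; the same gap is in the `variable "disabled"` hunk in variables.tf, which declares only `type = map(bool)` and no validation. Since `each.value` is already used as an index into `var.names` on the description line, the keys can be constrained to `var.names` with a `lifecycle.precondition` on this resource (Terraform 1.2+), which keeps the variable's interface unchanged. The enclosing resource block starts outside the hunk.
```hcl
  # … unchanged: for_each, account_id, display_name, description, project …
  disabled = lookup(var.disabled, each.value, false)

  lifecycle {
    precondition {
      # Reject keys that match no managed account; otherwise a typo leaves that account enabled.
      condition     = length(setsubtract(keys(var.disabled), var.names)) == 0
      error_message = "Every key of var.disabled must also appear in var.names."
    }
  }
}
```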
@@ -101,6 +105,8 @@ spec:
 description: Service account emails by name.
 - name: emails_list
 description: Service account emails as list.
+ - name: disabled description: The disabled status of the service accounts.
 - name: iam_email
 description: IAM-format service account email (for single use).
 - name: iam_emails
diff --git a/outputs.tf b/outputs.tf
index 35e2506..6e3396e 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -70,3 +70,8 @@ output "keys" {
 sensitive = true
 value = { for k, v in local.names : k => var.generate_keys ? base64decode(google_service_account_key.keys[v].private_key) : "" }
 }
+
+output "disabled" { description = "The disabled status of the service accounts." value = { for k, v in google_service_account.service_accounts : k => v.disabled } }
diff --git a/variables.tf b/variables.tf
index 484d229..65fd2c7 100644
--- a/variables.tf
+++ b/variables.tf
@@ -84,3 +84,9 @@ variable "descriptions" {
 description = "List of descriptions for the created service accounts (elements default to the value of `description`)"
 default = []
 }
+
+variable "disabled" { type = map(bool) description = "A map of service account names to a boolean value indicating whether the service account should be disabled. Service accounts not in this map will be enabled by default." default = {} }
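Review bot: The new `output "disabled"` is a map built from `google_service_account.service_accounts`, but its description (`The disabled status of the service accounts.`) reads as if it were a single value, and the same sentence is copied into README.md and metadata.yaml. Suggest `description = "Map of the disabled flag of each managed service account, keyed by account name."` and the same wording in the two documentation files. Keying by name is inferred from `lookup(var.disabled, each.value, false)` in main.tf, so confirm it against the resource's `for_each`, which is outside this diff.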