diff --git a/examples/generate-certificate-dns/example.tf b/examples/generate-certificate-dns/example.tf
index 6f8594e..63b2652 100644
--- a/examples/generate-certificate-dns/example.tf
+++ b/examples/generate-certificate-dns/example.tf
@@ -12,8 +12,12 @@ locals {
 module "acm" {
 source = "./../../"
- name = "certificate"
- environment = "test"
- domain_name = "clouddrove.com"
- subject_alternative_names = ["www.${local.domain}", "*.${local.domain}"]
+ name = "certificate"
+ environment = "test"
+ domain_name = "clouddrove.com"
+ subject_alternative_names = ["www.${local.domain}", "*.${local.domain}"]
+ key_algorithm = "RSA_2048"
+ transparency_logging_enabled = false
 }
+
+
diff --git a/examples/generate-certificate-dns/outputs.tf b/examples/generate-certificate-dns/outputs.tf
index 8e84cca..3e37ec3 100644
--- a/examples/generate-certificate-dns/outputs.tf
+++ b/examples/generate-certificate-dns/outputs.tf
@@ -23,4 +23,7 @@ output "validation_route53_record_fqdns" {
 description = "List of FQDNs built using the zone domain and name."
 }
-
+output "certificate_transparency_logging_preference" {
+ value = module.acm.certificate_transparency_logging_preference
+ description = "Certificate transparency logging preference."
+}
diff --git a/main.tf b/main.tf
index 97a5425..78013d7 100644
--- a/main.tf
+++ b/main.tf
@@ -45,6 +45,7 @@ resource "aws_acm_certificate" "cert" {
 domain_name = var.domain_name
 validation_method = var.validation_method
 subject_alternative_names = var.subject_alternative_names
+ key_algorithm = var.key_algorithm
 tags = module.labels.tags
 dynamic "validation_option" {
@@ -56,6 +57,14 @@ resource "aws_acm_certificate" "cert" {
 }
 }
+ dynamic "options" {
+ for_each = var.transparency_logging_enabled != null ? [1] : []
+ content {
+ certificate_transparency_logging_preference = var.transparency_logging_enabled ? "ENABLED" : "DISABLED"
+ }
+ }
+
+
 lifecycle {
 create_before_destroy = true
 }
diff --git a/outputs.tf b/outputs.tf
index 946b44a..2b14fe5 100644
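Review bot: Combined with `default = false` in variables.tf, the new `dynamic "options"` block renders `certificate_transparency_logging_preference = "DISABLED"` for every caller that never sets `transparency_logging_enabled`, whereas, as far as the hunk shows, no `options` block was emitted before and ACM's documented default (logging enabled) applied; the variable's own description says "Defaults to true", so the default looks inverted. Disabling Certificate Transparency logging is what makes a publicly trusted ACM certificate untrusted by browsers that require SCTs, so a module upgrade should not silently apply it to existing certificates; the fix is `default = true` in variables.tf, and the example in examples/generate-certificate-dns/example.tf, which also sets `false`, should state that it is demonstrating the opt-out. The `!= null` guard is only reachable when a caller passes `null` explicitly to a `bool` variable; that is a reasonable "inherit the provider default" escape hatch but deserves a comment such as `# null omits the options block so the provider default applies`. The `aws_acm_certificate.cert` resource begins before this hunk and ends after it.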
--- a/outputs.tf
+++ b/outputs.tf
@@ -26,8 +26,12 @@ output "acm_certificate_status" {
 description = "Status of the certificate."
 }
-
 output "validation_route53_record_fqdns" {
 value = [for record in aws_route53_record.default : record.fqdn]
 description = "List of FQDNs built using the zone domain and name."
+}
+
+output "certificate_transparency_logging_preference" {
+ value = try(aws_acm_certificate.cert[0].options[0].certificate_transparency_logging_preference, null)
+ description = "Certificate transparency logging preference."
 }
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 42820d1..2cf8132 100644
--- a/variables.tf
+++ b/variables.tf
@@ -128,4 +128,15 @@ variable "private_zone" {
 description = "Used with name field to get a private Hosted Zone."
 }
+variable "key_algorithm" {
+ type = string
+ default = null
+ description = "used to generate the public/private key pair for the certificate. Valid values: RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1."
+}
+
+variable "transparency_logging_enabled" {
+ type = bool
+ default = false
+ description = "Whether to enable certificate transparency logging. Defaults to true. Set to false to disable."
+}
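Review bot: `key_algorithm` is declared as a bare `string` although its description enumerates the only accepted values, so a typo such as `RSA-2048` is only rejected by the ACM API at apply time, after the plan has been approved; if the module's required Terraform version allows `validation` blocks, the list already in the description can be enforced at plan time as shown below. The description should also start with a capital and say what `null` means, since the main.tf hunk passes the variable straight through. It is worth noting in the description that, as far as I can tell, changing the key algorithm on an existing certificate replaces the resource, which is why `create_before_destroy` in main.tf matters here. The `transparency_logging_enabled` default/description mismatch is raised on the main.tf hunk.

```hcl
variable "key_algorithm" {
  type        = string
  default     = null
  description = "Algorithm used to generate the public/private key pair for the certificate. Valid values: RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1. null leaves the provider default in place."

  validation {
    condition     = var.key_algorithm == null || contains(["RSA_2048", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"], var.key_algorithm)
    error_message = "key_algorithm must be one of RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1."
  }
}
# … unchanged: variable "transparency_logging_enabled" …
```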