diff --git a/modules/azurerm/Automation-Webhook/automation_webhook.tf b/modules/azurerm/Automation-Webhook/automation_webhook.tf
index 51e21ca6..c8c47a4a 100644
--- a/modules/azurerm/Automation-Webhook/automation_webhook.tf
+++ b/modules/azurerm/Automation-Webhook/automation_webhook.tf
@@ -9,11 +9,26 @@
 #
 # --------------------------------------------------------------------------------------
 
+resource "time_rotating" "kv-cert-expiration-webhook" {
+  count           = var.automation_webhook_expiry_time != null ? 0 : 1
+  rotation_months = (var.rotation_time_in_months - var.notification_time_in_months)
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+resource "time_offset" "kv-cert-expiration-webhook" {
+  count         = var.automation_webhook_expiry_time != null ? 0 : 1
+  base_rfc3339  = time_rotating.kv-cert-expiration-webhook[0].id
+  offset_months = var.rotation_time_in_months
+}
+
 resource "azurerm_automation_webhook" "automation_webhook" {
   name                    = var.automation_webhook_name
   resource_group_name     = var.resource_group_name
   automation_account_name = var.automation_account_name
-  expiry_time             = var.automation_webhook_expiry_time
+  expiry_time             = coalesce(var.automation_webhook_expiry_time, time_offset.kv-cert-expiration-webhook[0].rfc3339)
   enabled                 = var.automation_webhook_enabled
   runbook_name            = var.automation_runbook_name
 }
diff --git a/modules/azurerm/Automation-Webhook/variables.tf b/modules/azurerm/Automation-Webhook/variables.tf
index 8d9d9a35..de940db1 100644
--- a/modules/azurerm/Automation-Webhook/variables.tf
+++ b/modules/azurerm/Automation-Webhook/variables.tf
@@ -27,6 +27,7 @@ variable "automation_account_name" {
 variable "automation_webhook_expiry_time" {
   description = "Timestamp when the webhook expires"
   type        = string
+  default     = null
 }
 
 variable "automation_webhook_enabled" {
@@ -40,3 +41,15 @@ variable "automation_runbook_name" {
   description = "Name of the Automation Runbook to execute by Webhook"
   type        = string
 }
+
+variable "notification_time_in_months" {
+  description = "The time in months to notify before the webhook expires"
+  type        = number
+  default     = 1
+}
+
+variable "rotation_time_in_months" {
+  description = "The time in months to rotate the webhook"
+  type        = number
+  default     = 6
+}
diff --git a/modules/azurerm/Automation-Webhook/versions.tf b/modules/azurerm/Automation-Webhook/versions.tf
index a8fa2735..c365a81a 100644
--- a/modules/azurerm/Automation-Webhook/versions.tf
+++ b/modules/azurerm/Automation-Webhook/versions.tf
@@ -16,5 +16,9 @@ terraform {
       source  = "hashicorp/azurerm"
       version = ">= 3.52.0"
     }
+    time = {
+      source  = "hashicorp/time"
+      version = ">= 0.12.1"
+    }
   }
 }