diff --git a/charts/karpenter/README.md b/charts/karpenter/README.md
index 8eeab2785604..d3c4e3c0ec82 100644
--- a/charts/karpenter/README.md
+++ b/charts/karpenter/README.md
@@ -79,6 +79,7 @@ cosign verify public.ecr.aws/karpenter/karpenter:0.35.4 \
 | podDisruptionBudget.name | string | `"karpenter"` |  |
 | podLabels | object | `{}` | Additional labels for the pod. |
 | podSecurityContext | object | `{"fsGroup":65532}` | SecurityContext for the pod. |
+| postInstallHook.image | string | `public.ecr.aws/bitnami/kubectl:1.30` | The image to run the post-install hook. This minimally needs to have `kubectl` installed |
 | priorityClassName | string | `"system-cluster-critical"` | PriorityClass name for the pod. |
 | replicas | int | `2` | Number of replicas. |
 | revisionHistoryLimit | int | `10` | The number of old ReplicaSets to retain to allow rollback. |
diff --git a/charts/karpenter/templates/_helpers.tpl b/charts/karpenter/templates/_helpers.tpl
index 9dce663e2382..a74c4dbb1aea 100644
--- a/charts/karpenter/templates/_helpers.tpl
+++ b/charts/karpenter/templates/_helpers.tpl
@@ -75,6 +75,17 @@ Karpenter image to use
 {{- end }}
 {{- end }}
 
+{{/*
+Karpenter post-install hook image to use
+*/}}
+{{- define "karpenter.postInstallHook.image" -}}
+{{- if .Values.postInstallHook.image.digest }}
+{{- printf "%s:%s@%s" .Values.postInstallHook.image.repository  (default (printf "v%s" .Chart.AppVersion) .Values.postInstallHook.image.tag) .Values.postInstallHook.image.digest }}
+{{- else }}
+{{- printf "%s:%s" .Values.postInstallHook.image.repository  (default (printf "v%s" .Chart.AppVersion) .Values.postInstallHook.image.tag) }}
+{{- end }}
+{{- end }}
+
 
 {{/* Get PodDisruptionBudget API Version */}}
 {{- define "karpenter.pdb.apiVersion" -}}
diff --git a/charts/karpenter/templates/post-install-hook.yaml b/charts/karpenter/templates/post-install-hook.yaml
index 123e392a3c96..5a38c33d8672 100644
--- a/charts/karpenter/templates/post-install-hook.yaml
+++ b/charts/karpenter/templates/post-install-hook.yaml
@@ -23,7 +23,7 @@ spec:
       {{- end }}
       containers:
       - name: post-install-job
-        image: public.ecr.aws/bitnami/kubectl:1.30
+        image: {{ include "karpenter.postInstallHook.image" . }}
         command:
         - /bin/sh
         - -c
diff --git a/charts/karpenter/values.yaml b/charts/karpenter/values.yaml
index 8dfc528cd085..4f475daaa728 100644
--- a/charts/karpenter/values.yaml
+++ b/charts/karpenter/values.yaml
@@ -135,6 +135,14 @@ controller:
   healthProbe:
     # -- The container port to use for http health probe.
     port: 8081
+postInstallHook: 
+  image:
+    # -- Repository path to the post-install hook. This minimally needs to have `kubectl` installed
+    repository: public.ecr.aws/bitnami/kubectl
+    # -- Tag of the post-install hook image.
+    tag: "1.30"
+    # -- SHA256 digest of the post-install hook image.
+    digest: sha256:13a2ad1bd37ce42ee2a6f1ab0d30595f42eb7fe4a90d6ec848550524104a1ed6
 webhook:
   # -- Whether to enable the webhooks and webhook permissions.
   enabled: false