diff --git a/README.md b/README.md
index bf2455c..2247de9 100644
--- a/README.md
+++ b/README.md
@@ -91,13 +91,13 @@ Apache-2.0 Licensed. See [LICENSE](https://github.com/aws-ia/terraform-aws-mwaa/
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.63.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.39.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.63.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.39.0 |
 
 ## Modules
 
@@ -136,6 +136,7 @@ No modules.
 | <a name="input_create_s3_bucket"></a> [create\_s3\_bucket](#input\_create\_s3\_bucket) | Create new S3 bucket for MWAA. | `string` | `true` | no |
 | <a name="input_create_security_group"></a> [create\_security\_group](#input\_create\_security\_group) | Create security group for MWAA | `bool` | `true` | no |
 | <a name="input_dag_s3_path"></a> [dag\_s3\_path](#input\_dag\_s3\_path) | (Required) The relative path to the DAG folder on your Amazon S3 storage bucket. For example, dags. | `string` | `"dags"` | no |
+| <a name="input_endpoint_management"></a> [endpoint\_management](#input\_endpoint\_management) | (Optional) Specifies who is responsible for creating the VPC endpoints for environment. CUSTOMER is useful when your VPC is owned by another account. Possible options: SERVICE (default) and CUSTOMER | `string` | `"SERVICE"` | no |
 | <a name="input_environment_class"></a> [environment\_class](#input\_environment\_class) | (Optional) Environment class for the cluster. Possible options are mw1.small, mw1.medium, mw1.large, mw1.xlarge, mw1.2xlarge.<br>Will be set by default to mw1.small. Please check the AWS Pricing for more information about the environment classes. | `string` | `"mw1.small"` | no |
 | <a name="input_execution_role_arn"></a> [execution\_role\_arn](#input\_execution\_role\_arn) | (Required) The Amazon Resource Name (ARN) of the task execution role that the Amazon MWAA and its environment can assume<br>Mandatory if `create_iam_role=false` | `string` | `null` | no |
 | <a name="input_force_detach_policies"></a> [force\_detach\_policies](#input\_force\_detach\_policies) | IAM role Force detach policies | `bool` | `false` | no |
diff --git a/main.tf b/main.tf
index e689ee8..a788845 100644
--- a/main.tf
+++ b/main.tf
@@ -23,6 +23,7 @@ resource "aws_mwaa_environment" "mwaa" {
   source_bucket_arn               = local.source_bucket_arn
   webserver_access_mode           = var.webserver_access_mode
   weekly_maintenance_window_start = var.weekly_maintenance_window_start
+  endpoint_management             = var.endpoint_management
 
   tags = var.tags
 
diff --git a/variables.tf b/variables.tf
index 612b9ee..0c72d6a 100644
--- a/variables.tf
+++ b/variables.tf
@@ -137,6 +137,17 @@ variable "weekly_maintenance_window_start" {
   default     = null
 }
 
+variable "endpoint_management" {
+  description = "(Optional) Specifies who is responsible for creating the VPC endpoints for environment. CUSTOMER is useful when your VPC is owned by another account. Possible options: SERVICE (default) and CUSTOMER"
+  type        = string
+  default     = "SERVICE"
+
+  validation {
+    condition     = contains(["SERVICE", "CUSTOMER"], var.endpoint_management)
+    error_message = "Invalid input, options: \"SERVICE\", \"CUSTOMER\"."
+  }
+}
+
 variable "tags" {
   description = "(Optional) A map of resource tags to associate with the resource"
   type        = map(string)
diff --git a/versions.tf b/versions.tf
index b398951..e98b4ca 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.63.0"
+      version = ">= 5.39.0"
     }
   }
 }