diff --git a/install_config/customizing-configurations-in-the-tektonconfig-cr.adoc b/install_config/customizing-configurations-in-the-tektonconfig-cr.adoc
index d271b37a6e56..837449316de2 100644
--- a/install_config/customizing-configurations-in-the-tektonconfig-cr.adoc
+++ b/install_config/customizing-configurations-in-the-tektonconfig-cr.adoc
@@ -49,6 +49,8 @@ include::modules/op-disabling-automatic-creation-of-rbac-resources.adoc[leveloff
 
 include::modules/op-disabling-inline-spec.adoc[leveloffset=+1]
 
+include::modules/op-configuration-rbac-trusted-ca-flags.adoc[leveloffset=+1]
+
 include::modules/op-automatic-pruning-taskrun-pipelinerun.adoc[leveloffset=+1]
 
 include::modules/op-default-pruner-configuration.adoc[leveloffset=+2]
diff --git a/modules/op-configuration-rbac-trusted-ca-flags.adoc b/modules/op-configuration-rbac-trusted-ca-flags.adoc
new file mode 100644
index 000000000000..9adf597ebe8f
--- /dev/null
+++ b/modules/op-configuration-rbac-trusted-ca-flags.adoc
@@ -0,0 +1,45 @@
+// This module is included in the following assemblies:
+// * install_config/customizing-configurations-in-the-tektonconfig-cr.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="op-configuration-rbac-trusted-ca-flags.adoc_{context}"]
+= Configuration of RBAC and Trusted CA flags
+
+The {pipelines-title} Operator provides independent control over RBAC resource creation and Trusted CA bundle config map through two separate flags, `createRbacResource` and `createCABundleConfigMaps`.
+
+[cols="1,3,1", options="header"]
+|===
+|Parameter |Description |Default value
+
+|`createRbacResource`
+|Controls the creation of RBAC resources only. This flag does not affect Trusted CA bundle config map.
+|`true`
+
+|`createCABundleConfigMaps`
+|Controls the creation of Trusted CA bundle config map and Service CA bundle config map. This flag must be set to `false` to disable config map creation.
+|`true`
+|===
+
+[source,yaml]
+----
+apiVersion: operator.tekton.dev/v1alpha1
+kind: TektonConfig
+metadata:
+  name: config
+spec:
+  profile: all
+  targetNamespace: openshift-pipelines
+  addon:
+    params:
+      - name: createRbacResource # <1>
+        value: "true"
+      - name: createCABundleConfigMaps # <2>
+        value: "true"
+      - name: legacyPipelineRbac
+        value: "true"
+    - pipelinerun
+    - taskrun
+    keep: 100
+----
+<1> Specifies RBAC resource creation.
+<2> Specifies Trusted CA bundle config map creation.
\ No newline at end of file