diff --git a/ironic_python_agent/hardware.py b/ironic_python_agent/hardware.py
index 55753740d..0da5978fa 100644
--- a/ironic_python_agent/hardware.py
+++ b/ironic_python_agent/hardware.py
@@ -771,14 +771,15 @@ class GenericHardwareManager(HardwareManager):
 LOG.info("Skipping the erase of virtual media device %s",
 block_device.name)
 return
-
+ info = node.get('driver_internal_info', {})
 # Note(TheJulia) Use try/except to capture and log the failure
 # and then revert to attempting to shred the volume if enabled.
 try:
- if self._ata_erase(block_device):
+ execute_secure_erase = info.get(
+ 'agent_enable_ata_secure_erase', True)
+ if execute_secure_erase and self._ata_erase(block_device):
 return
 except errors.BlockDeviceEraseError as e:
- info = node.get('driver_internal_info', {})
 execute_shred = info.get(
 'agent_continue_if_ata_erase_failed', False)
 if execute_shred:
diff --git a/ironic_python_agent/tests/unit/test_hardware.py b/ironic_python_agent/tests/unit/test_hardware.py
index 2f0a8354a..4270813b5 100644
--- a/ironic_python_agent/tests/unit/test_hardware.py
+++ b/ironic_python_agent/tests/unit/test_hardware.py
@@ -1673,6 +1673,22 @@ class TestGenericHardwareManager(base.IronicAgentTest):
 self.hardware.erase_block_device(self.node, block_device)
 self.assertTrue(mock_shred.called)
 
+ @mock.patch.object(hardware.GenericHardwareManager, '_shred_block_device',
+ autospec=True)
+ @mock.patch.object(utils, 'execute', autospec=True)
+ def test_erase_block_device_ata_erase_disabled(
+ self, mocked_execute, mock_shred):
+
+ info = self.node['driver_internal_info']
+ info['agent_enable_ata_secure_erase'] = False
+
+ block_device = hardware.BlockDevice('/dev/sda', 'big', 1073741824,
+ True)
+
+ self.hardware.erase_block_device(self.node, block_device)
+ self.assertTrue(mock_shred.called)
+ self.assertFalse(mocked_execute.called)
+
 def test_normal_vs_enhanced_security_erase(self):
 @mock.patch.object(utils, 'execute', autospec=True)
 def test_security_erase_option(test_case,
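Review bot: In the hardware.py hunk, when `agent_enable_ata_secure_erase` is false the `try:` body falls through silently, so the agent log never records that ATA Secure Erase was skipped by configuration rather than attempted. Since this decides how a disk is sanitized, I would add `if not execute_secure_erase: LOG.info("ATA secure erase disabled by agent_enable_ata_secure_erase for %s", block_device.name)` before the `if`. The flag is also read by plain truthiness, so a non-boolean such as the string "false" in `driver_internal_info` would still run the erase; whether the conductor can send one is not visible here. A short comment at the `info.get(` call should note that the overwrite fallback may not reach remapped or over-provisioned blocks on flash devices, so turning the flag off can weaken sanitization there. The enclosing method starts before and continues after this hunk.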
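Review bot: In test_hardware.py, `test_erase_block_device_ata_erase_disabled` only checks `mock_shred.called`, which passes whatever device the shred call received. Because this is the path that picks the disk to wipe, an argument check such as `self.assertIn(block_device, mock_shred.call_args[0])` would pin the device too; the full argument list depends on the signature of `_shred_block_device`, which is not in this hunk. `mocked_execute.assert_not_called()` would also give a clearer failure message than `assertFalse(mocked_execute.called)`. The blank line directly after the `def` signature can go.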
diff --git a/releasenotes/notes/ability-to-disable-secure-erase-c3223262726d5aff.yaml b/releasenotes/notes/ability-to-disable-secure-erase-c3223262726d5aff.yaml
new file mode 100644
index 000000000..7377b1467
--- /dev/null
+++ b/releasenotes/notes/ability-to-disable-secure-erase-c3223262726d5aff.yaml
@@ -0,0 +1,6 @@
+---
+features:
+ - |
+ Adds the ability for the Bare Metal service conductor
+ service to explicitly choose to disable ATA Secure Erase
+ from being executed.