diff --git a/src/main/java/com/nike/cerberus/command/consul/UpdateConsulConfigCommand.java b/src/main/java/com/nike/cerberus/command/consul/UpdateConsulConfigCommand.java
index ad51333a..f24324f5 100644
--- a/src/main/java/com/nike/cerberus/command/consul/UpdateConsulConfigCommand.java
+++ b/src/main/java/com/nike/cerberus/command/consul/UpdateConsulConfigCommand.java
@@ -1,5 +1,6 @@
 package com.nike.cerberus.command.consul;
 
+import com.beust.jcommander.Parameter;
 import com.beust.jcommander.Parameters;
 import com.nike.cerberus.command.Command;
 import com.nike.cerberus.operation.Operation;
@@ -12,6 +13,22 @@ public class UpdateConsulConfigCommand implements Command {
 
     public static final String COMMAND_NAME = "update-consul-config";
 
+    @Parameter(names = {"--acl-master-token"}, description = "Overwrites the existing ACL Master Token with the value supplied."
+            + " If not supplied, the existing token in secrets.json will be maintained (safer and generally preferred).")
+    private String aclMasterToken = null;
+
+    @Parameter(names = {"--gossip-encryption-token"}, description = "Overwrites the existing Gossip Encryption Token with the value supplied."
+            + " If not supplied, the existing token in secrets.json will be maintained (safer and generally preferred).")
+    private String gossipEncryptionToken = null;
+
+    public String getAclMasterToken() {
+        return aclMasterToken;
+    }
+
+    public String getGossipEncryptionToken() {
+        return gossipEncryptionToken;
+    }
+
     @Override
     public String getCommandName() {
         return COMMAND_NAME;
diff --git a/src/main/java/com/nike/cerberus/operation/consul/UpdateConsulConfigOperation.java b/src/main/java/com/nike/cerberus/operation/consul/UpdateConsulConfigOperation.java
index c865cc8b..b465ad06 100644
--- a/src/main/java/com/nike/cerberus/operation/consul/UpdateConsulConfigOperation.java
+++ b/src/main/java/com/nike/cerberus/operation/consul/UpdateConsulConfigOperation.java
@@ -47,12 +47,23 @@ public UpdateConsulConfigOperation(final ConsulConfigGenerator consulConfigGener
 
     @Override
     public void run(final UpdateConsulConfigCommand command) {
-        logger.info("Regenerating the Consul configuration while maintaining values such as the AclMasterToken and GossipEncryptionToken.");
+        logger.info("Regenerating Consul configuration");
+
+        String aclMasterToken = command.getAclMasterToken();
+        if (aclMasterToken == null) {
+            logger.info("Regenerating Consul configuration: maintaining existing ACL Master Token");
+            aclMasterToken = configStore.getAclMasterToken();
+        }
+        String gossipEncryptionToken = command.getGossipEncryptionToken();
+        if (gossipEncryptionToken == null) {
+            logger.info("Regenerating Consul configuration: maintaining existing Gossip Encryption Token");
+            gossipEncryptionToken = configStore.getGossipEncryptionToken();
+        }
 
         final ConsulConfiguration consulConfiguration = consulConfigGenerator.generate(
                 ConfigConstants.CONSUL_DATACENTER,
-                configStore.getAclMasterToken(),
-                configStore.getGossipEncryptionToken()
+                aclMasterToken,
+                gossipEncryptionToken
         );
 
         logger.info("Uploading Consul configuration to the configuration bucket.");