diff --git a/chart/templates/tempo/secret-objectstore.yaml b/chart/templates/tempo/secret-objectstore.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..6601ed9f503a88393707a5f665ee96029a826961
--- /dev/null
+++ b/chart/templates/tempo/secret-objectstore.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.tempo.enabled .Values.tempo.objectStorage.accessKey .Values.tempo.objectStorage.accessSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: tempo-object-storage
+  namespace: tempo
+  labels:
+    app.kubernetes.io/name: tempo
+    app.kubernetes.io/component: "core"
+    {{- include "commonLabels" . | nindent 4}}
+type: kubernetes.io/opaque
+data:
+    AWS_ACCESS_KEY_ID: {{ .Values.tempo.objectStorage.accessKey | b64enc }}
+    AWS_SECRET_ACCESS_KEY: {{ .Values.tempo.objectStorage.accessSecret | b64enc }}
+{{- end }}
diff --git a/chart/templates/tempo/values.yaml b/chart/templates/tempo/values.yaml
index 91d2cfcfb5aa6fe14e3a3def5ab2423c27f4f323..8e83ba06c91fbff0caef3e9c58b5af8a1d0f309d 100644
--- a/chart/templates/tempo/values.yaml
+++ b/chart/templates/tempo/values.yaml
@@ -9,18 +9,33 @@ podAnnotations:
   {{ include "istioAnnotation" . }}
 {{- end }}
 
+objectStorage: 
+  access_key_id: {{ .Values.tempo.objectStorage.accessKey }}
+  secret_access_key: {{ .Values.tempo.objectStorage.accessSecret }}
+
 tempo:
   imagePullSecrets:
   - name: private-registry
+  pullPolicy: {{ .Values.imagePullPolicy }}
+{{- with .Values.tempo.objectStorage }}
+{{- if and .endpoint .region .bucket }}
+  storage: 
+    trace:
+      backend: s3
+      s3:
+        endpoint: {{ .endpoint }}
+        bucket: {{ .bucket }}
+        region: {{ .region }}
+        insecure: {{ .insecure }}
+        forcepathstyle: true
+{{- end }}
+{{- end }}
 
     # hostname is deprecated and replaced with domain. But if hostname exists then use it.
 {{- $domainName := default .Values.domain .Values.hostname }}
 hostname: {{ $domainName }}
 domain: {{ $domainName }}
 
-tempo:
-  pullPolicy: {{ .Values.imagePullPolicy }}
-
 tempoQuery:
   pullPolicy: {{ .Values.imagePullPolicy }}
 
diff --git a/chart/values.yaml b/chart/values.yaml
index 3d02a9caae167a6cf12f5474ceccfa64fffe9f54..955f20a763e4c649fa469c815bba516244f215f4 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -552,7 +552,7 @@ tempo:
   git:
     repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git
     path: "./chart"
-    tag: "0.15.1-bb.5"
+    tag: "0.15.1-bb.6"
 
   # -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`).  The default is "public".
   ingress:
@@ -561,6 +561,30 @@ tempo:
   # -- Flux reconciliation overrides specifically for the Tempo Package
   flux: {}
 
+  objectStorage:
+    # -- S3 compatible endpoint to use for connection information.
+    # examples: "s3.amazonaws.com" "s3.us-gov-west-1.amazonaws.com" "minio.minio.svc.cluster.local:9000"
+    # Note: tempo does not require protocol prefix for URL.
+    endpoint: ""
+
+    # -- S3 compatible region to use for connection information.
+    region: ""
+
+    # -- Access key for connecting to object storage endpoint.
+    accessKey: ""
+
+    # -- Secret key for connecting to object storage endpoint.
+    # Unencoded string data. This should be placed in the secret values and then encrypted
+    accessSecret: ""
+
+    # -- Bucket Names for Loki as a comma delimited list.
+    # examples: "tempo-traces"
+    bucket: ""
+
+    # -- Whether or not objectStorage connection should require HTTPS, if connecting to in-cluster object
+    # storage on port 80/9000 set this value to true.
+    insecure: false
+
   # -- Values to passthrough to the Tempo chart: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git
   values: {}
 
diff --git a/tests/test-values.yaml b/tests/test-values.yaml
index af1e4251a81ceba1dfc80142d0b88fbbff7b138c..67a6398aff876cd053edfcdcf066e0fb8c8b48fb 100644
--- a/tests/test-values.yaml
+++ b/tests/test-values.yaml
@@ -171,6 +171,7 @@ gatekeeper:
           - twistlock/twistlock-cypress-test
           - sonarqube/sonarqube-cypress-test
           - logging/logging-cypress-test
+          - tempo/tempo-cypress-test
           # Allow kyverno test vectors for Helm test
           - default/restrict-host-path-mount-.?
           - default/restrict-host-path-write-.?
@@ -269,6 +270,7 @@ gatekeeper:
           - twistlock/twistlock-cypress-test
           - sonarqube/sonarqube-cypress-test
           - logging/logging-cypress-test
+          - tempo/tempo-cypress-test
           # Allow kyverno test vectors for Helm test
           - default/restrict-host-path-mount-.?
           - default/restrict-host-path-write-.?