diff --git a/sms-notify.tf b/sms-notify.tf
index 8456bcd515e932e4b472ab7a8b923d4daa331972..dfbcf4ff00bc4c10e2122cb8e0419262dc32c8fb 100644
--- a/sms-notify.tf
+++ b/sms-notify.tf
@@ -1,8 +1,27 @@
+# vi: ft=tf
+
 variable "messagebird_access_key" {
   description = "MessageBird API access key."
   sensitive   = true
 }
 
+variable "send_sms_notifications" {
+  default     = true
+  description = "Whether or not to send SMS notifications."
+  type        = bool
+}
+
+output "send_sms_notifications" {
+  description = "Whether or not to send SMS notifications."
+  value       = var.send_sms_notifications
+}
+
+resource "aws_ssm_parameter" "send_sms_notifications" {
+  name  = "${local.module}/${local.env}/send_sms_notifications"
+  type  = "String"
+  value = tostring(var.send_sms_notifications)
+}
+
 resource "aws_lambda_function" "sms_notify" {
   # checkov:skip=CKV_AWS_50
   # checkov:skip=CKV_AWS_116
@@ -10,7 +29,7 @@ resource "aws_lambda_function" "sms_notify" {
   # checkov:skip=CKV_AWS_173
   runtime          = var.runtime
   function_name    = "${local.function_name_prefix}-sms-notify"
-  role             = local.lambda_role_arn
+  role             = aws_iam_role.sms_notify.arn
   source_code_hash = filebase64sha256("payload.zip")
   s3_bucket        = local.payloads_bucket_name
   s3_key           = local.payload_object_name
@@ -24,12 +43,13 @@ resource "aws_lambda_function" "sms_notify" {
 
   environment {
     variables = {
-      ENV                = local.env
-      MODULE             = local.module
-      TOPIC_ARN          = local.topic_arn
-      VERSION            = local.payload_object_version
-      MSGBIRD_ACCESS_KEY = var.messagebird_access_key
-      TO_NUMBER          = local.my_phone_number
+      ENV                          = local.env
+      MODULE                       = local.module
+      TOPIC_ARN                    = local.topic_arn
+      VERSION                      = local.payload_object_version
+      MSGBIRD_ACCESS_KEY           = var.messagebird_access_key
+      TO_NUMBER                    = local.my_phone_number
+      SEND_SMS_NOTIFICATIONS_PARAM = aws_ssm_parameter.send_sms_notifications.name
     }
   }
 
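Review bot: The parameter name in `aws_ssm_parameter.send_sms_notifications` is built as `${local.module}/${local.env}/send_sms_notifications`, and as far as I recall SSM rejects hierarchical names (ones containing `/`) that are not fully qualified with a leading `/`, so this only applies cleanly if `local.module` already starts with one. If it does not, `name = "/${local.module}/${local.env}/send_sms_notifications"` is the safer form, and a leading slash is also what the SSM path-based APIs expect. The value is a non-secret boolean, so `type = "String"` is appropriate; a one-line comment such as `# Runtime kill switch, read by sms_notify.py on every invocation` above the resource would save the next reader a trip to the Python code to learn how the flag is consumed.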
@@ -130,28 +150,56 @@ data "aws_iam_policy_document" "sms_notify" {
 
     resources = [local.sms_notify_log_group_arn, ]
   }
+
+  statement {
+    effect = "Allow"
+
+    actions = [
+      "ssm:GetParametersByPath",
+    ]
+
+    resources = [aws_ssm_parameter.send_sms_notifications.arn]
+  }
 }
 
 locals {
   sms_notify_log_policy_doc = data.aws_iam_policy_document.sms_notify.json
 }
 
-resource "aws_iam_policy" "sms_notify_log" {
-  name   = "${local.module}-${local.env}-sms-notify-log"
+resource "aws_iam_policy" "sms_notify" {
+  name   = "${local.module}-${local.env}-sms-notify"
   policy = local.sms_notify_log_policy_doc
 }
 
 locals {
-  sms_notify_log_policy_arn  = aws_iam_policy.log.arn
-  sms_notify_log_policy_name = aws_iam_policy.log.name
+  sms_notify_policy_arn  = aws_iam_policy.log.arn
+  sms_notify_policy_name = aws_iam_policy.log.name
 }
 
-output "sms_notify_log_policy_arn" {
-  value       = local.sms_notify_log_policy_arn
-  description = "CloudWatch log IAM policy for SMS notifications ARN."
+output "sms_notify_policy_arn" {
+  value       = local.sms_notify_policy_arn
+  description = "AM policy for SMS notifications ARN."
+}
+
+output "sms_notify_policy_name" {
+  value       = local.sms_notify_policy_name
+  description = "IAM policy for SMS notifications name."
+}
+
+resource "aws_iam_role" "sms_notify" {
+  name               = "${local.name}-sms-notify"
+  assume_role_policy = local.lambda_assume_policy_doc
+}
+
+locals {
+  sms_notify_policies = [
+    local.sms_notify_policy_arn,
+    "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
+  ]
 }
 
-output "sms_notify_log_policy_name" {
-  value       = local.sms_notify_log_policy_name
-  description = "CloudWatch log IAM policy for SMS notifications name."
+resource "aws_iam_role_policy_attachment" "sms_notify" {
+  count      = length(local.sms_notify_policies)
+  role       = aws_iam_role.sms_notify.name
+  policy_arn = local.sms_notify_policies[count.index]
 }
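Review bot: The renamed locals still point at `aws_iam_policy.log` (`sms_notify_policy_arn  = aws_iam_policy.log.arn` and the `.name` line under it), so the new `aws_iam_policy.sms_notify` — the only policy that carries the added `ssm:GetParametersByPath` statement — is never attached to `aws_iam_role.sms_notify`; unless `aws_iam_policy.log` is intentional, these should read `aws_iam_policy.sms_notify.arn` and `aws_iam_policy.sms_notify.name`. Attaching `AWSLambdaBasicExecutionRole` in `local.sms_notify_policies` grants `logs:CreateLogGroup`, `logs:CreateLogStream` and `logs:PutLogEvents` on `*`, which makes the existing statement scoped to `local.sms_notify_log_group_arn` redundant and widens the role beyond that one log group; once the custom policy is attached correctly, the managed policy can be dropped from the list. The role name uses `local.name` while the policy name uses `${local.module}-${local.env}`, so it is worth confirming `local.name` exists and follows the same scheme. The description `"AM policy for SMS notifications ARN."` is missing its leading `I`.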
diff --git a/src/sms_notify.py b/src/sms_notify.py
index 19f7583be0e59b2a58a96bbc18024f42f0828f3f..6e0f2c89c1c425a81f13a374ae91911461206751 100644
--- a/src/sms_notify.py
+++ b/src/sms_notify.py
@@ -1,4 +1,5 @@
 import os
+import boto3  # pylint: disable=import-error
 import messagebird  # pylint: disable=import-error
 
 
@@ -6,8 +7,24 @@ MSGBIRD_ACCESS_KEY = os.environ["MSGBIRD_ACCESS_KEY"]
 TO_NUMBER = os.environ["TO_NUMBER"]
 
 
+def send_notifications():
+    """Check if sending SMSes is enabled."""
+    try:
+        param_path = os.environ["SEND_SMS_NOTIFICATIONS_PARAM"]
+        client = boto3.client("ssm")
+        param = client.get_parameters_by_path(
+            Path=param_path, recursive=False, WithDecryption=False
+        )["Parameters"][0]
+        return param["Value"].tolower == "true"
+    except Exception:  # pylint: disable=broad-except
+        return True
+
+
 # pylint: disable=unused-argument
 def handler(event, context):
+    if not send_notifications():
+        print("Sending notification is disabled.")
+        return
     message = event["Records"][0]["Sns"]["Message"]
     client = messagebird.Client(MSGBIRD_ACCESS_KEY)
     client.message_create(
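Review bot: `send_notifications` cannot return `False` as written: `param["Value"].tolower` is not a `str` method (and is not even called), which raises `AttributeError`, and before that `recursive=False` is not a valid boto3 keyword for this call (the parameter is `Recursive`), which raises a parameter-validation error; both are caught by the broad `except Exception` and turned into `True`, so the new kill switch is silently ignored. `get_parameters_by_path` is also the wrong call for a single value — with `Path` set to the parameter's own name it returns the parameters below that path rather than the parameter itself, so `Parameters` comes back empty and the `[0]` raises `IndexError` with the same fail-open result. Replace the lookup with `param = client.get_parameter(Name=param_path)["Parameter"]` and the comparison with `return param["Value"].lower() == "true"`, and change the action in the matching IAM statement in `sms-notify.tf` to `"ssm:GetParameter"` so the role can actually make that call. Failing open may be the intended default for a notification flag, but the `except` branch should at least `print` the exception (the module's existing logging style) so an ignored flag is visible in the logs instead of indistinguishable from `true`. `handler` continues past the end of the hunk.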