diff --git a/README.md b/README.md
index fc900379..8310feea 100644
--- a/README.md
+++ b/README.md
@@ -649,6 +649,13 @@ The following table lists the parameters for the `tenantadm` component and their
 | `tenantadm.probesOverrides.successThreshold` | Override the `successThreshold` for every Readiness and Liveness probes. | `nil` |
 | `tenantadm.probesOverrides.timeoutSeconds` | Override the `timeoutSeconds` for every Readiness and Liveness probes. | `nil` |
 | `tenantadm.probesOverrides.failureThreshold` | Override the `failureThreshold` for every Readiness and Liveness probes. | `nil` |
+| `tenantadm.cronjobs.suspend_tenants.enabled` | Creates the Suspend Tenants crojob (Hosted only) | `false` |
+| `tenantadm.cronjobs.suspend_tenants.schedule` | Set a schedule for the Suspend Tenants crojob (Hosted only) | `0 7 * * *` |
+| `tenantadm.cronjobs.suspend_tenants.resouces` | Set the resources for the Suspend Tenants crojob (Hosted only) | `nil` |
+| `tenantadm.cronjobs.sync_tenants.enabled` | Creates the Suspend Tenants crojob (Hosted only) | `false` |
+| `tenantadm.cronjobs.sync_tenants.schedule` | Set a schedule for the Suspend Tenants crojob (Hosted only) | `0 7 * * *` |
+| `tenantadm.cronjobs.sync_tenants.resouces` | Set the resources for the Suspend Tenants crojob (Hosted only) | `nil` |
+
 
 The default value for the rate limits are:
 
diff --git a/mender/CHANGELOG.md b/mender/CHANGELOG.md
index 57cf8135..a67cff58 100644
--- a/mender/CHANGELOG.md
+++ b/mender/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Mender Helm chart
 
+## Version 5.7.1
+* Added tenantadm CronJobs (Hosted only feature)
+
 ## Version 5.7.0
 * `generate_delta_worker`: don't enforce tags for the image.
 * Added `api_gateway.accesslogs` parameter to enable/disable access logs.
diff --git a/mender/templates/tenantadm/_podtemplate.yaml b/mender/templates/tenantadm/_podtemplate.yaml
index cde602c2..9aab0d23 100644
--- a/mender/templates/tenantadm/_podtemplate.yaml
+++ b/mender/templates/tenantadm/_podtemplate.yaml
@@ -22,7 +22,13 @@ spec:
   restartPolicy: {{ quote . }}
   {{- end }}
   containers:
-  - name: {{ ternary "tenantadm" "tenantadm-migration" (empty .migration) | quote }}
+  {{- if .migration }}
+  - name: "tenantadm-migration"
+  {{- else if .cronjob }}
+  - name: "tenantadm-{{- .cronjob }}"
+  {{- else }}
+  - name: "tenantadm"
+  {{- end }}
     image: {{ .dot.Values.tenantadm.image.registry }}/{{ .dot.Values.tenantadm.image.repository }}:{{ .dot.Values.tenantadm.image.tag | default .dot.Values.global.image.tag }}
     imagePullPolicy: {{ .dot.Values.tenantadm.image.imagePullPolicy }}
     {{- if .dot.Values.tenantadm.containerSecurityContext.enabled }}
@@ -40,7 +46,7 @@ spec:
     {{- end }}
 
 
-    {{- if (not .migration) }}
+    {{- if and (not .migration) (not .cronjob) }}
     # Readiness/liveness probes
     readinessProbe:
       httpGet:
@@ -66,7 +72,7 @@ spec:
       periodSeconds: 5
     {{- end }}
 
-    {{- if (not .migration) }}
+    {{- if and (not .migration) (not .cronjob) }}
     volumeMounts:
     - name: rsa
       mountPath: "/etc/tenantadm/rsa/"
@@ -102,7 +108,7 @@ spec:
   nodeSelector: {{ toYaml . | nindent 4 }}
   {{- end }}
 
-  {{- if (not .migration) }}
+  {{- if and (not .migration) (not .cronjob) }}
   volumes:
   - name: rsa
     secret:
diff --git a/mender/templates/tenantadm/cronjob.yaml b/mender/templates/tenantadm/cronjob.yaml
new file mode 100644
index 00000000..e9363204
--- /dev/null
+++ b/mender/templates/tenantadm/cronjob.yaml
@@ -0,0 +1,79 @@
+{{- if and (.Values.global.enterprise) (.Values.tenantadm.enabled) (.Values.global.hosted) (.Values.tenantadm.cronjobs.suspend_tenants.enabled) }}
+---
+# Suspend tenants: maintenance suspend-expired-tenants
+
+{{- $context := (dict "dot" . "component" "tenantadm" "cronjob" "suspend" "args" (list "maintenance" "suspend-expired-tenants") "extraResources" .Values.tenantadm.cronjobs.suspend_tenants.resources "restartPolicy" "Never") }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ include "mender.fullname" . }}-tenantadm-suspend-trial
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "mender.labels" . | nindent 4 }}
+    app.kubernetes.io/name: {{ include "mender.fullname" . }}-tenantadm-suspend-trial
+    app.kubernetes.io/component: tenantadm
+spec:
+  schedule: {{ .Values.tenantadm.cronjobs.suspend_tenants.schedule }}
+  concurrencyPolicy: Forbid
+  successfulJobsHistoryLimit: 1
+  failedJobsHistoryLimit: 1
+
+  jobTemplate:
+    spec:
+      template:
+        {{- include "mender.tenantadmPodTemplate" $context | nindent 8 }}
+
+
+---
+# Suspend trial tenants: suspend-tenants-expired-trial
+
+{{- $context := (dict "dot" . "component" "tenantadm" "cronjob" "suspend" "args" (list "suspend-tenants-expired-trial") "extraResources" .Values.tenantadm.cronjobs.suspend_tenants.resources "restartPolicy" "Never") }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ include "mender.fullname" . }}-tenantadm-suspend
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "mender.labels" . | nindent 4 }}
+    app.kubernetes.io/name: {{ include "mender.fullname" . }}-tenantadm-suspend
+    app.kubernetes.io/component: tenantadm
+spec:
+  schedule: {{ .Values.tenantadm.cronjobs.suspend_tenants.schedule }}
+  concurrencyPolicy: Forbid
+  successfulJobsHistoryLimit: 1
+  failedJobsHistoryLimit: 1
+
+  jobTemplate:
+    spec:
+      template:
+        {{- include "mender.tenantadmPodTemplate" $context | nindent 8 }}
+
+
+{{- end }}
+
+{{- if and (.Values.global.enterprise) (.Values.tenantadm.enabled) (.Values.global.hosted) (.Values.tenantadm.cronjobs.sync_tenants.enabled) }}
+---
+# Sync tenants with an external integration
+
+{{- $context := (dict "dot" . "component" "tenantadm" "cronjob" "sync-tenants" "args" (list "sync-tenants") "extraResources" .Values.tenantadm.cronjobs.sync_tenants.resources "restartPolicy" "Never") }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ include "mender.fullname" . }}-tenantadm-sync-tenants
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "mender.labels" . | nindent 4 }}
+    app.kubernetes.io/name: {{ include "mender.fullname" . }}-tenantadm-sync-tenants
+    app.kubernetes.io/component: tenantadm
+spec:
+  schedule: {{ .Values.tenantadm.cronjobs.suspend_tenants.schedule }}
+  concurrencyPolicy: Forbid
+  successfulJobsHistoryLimit: 1
+  failedJobsHistoryLimit: 1
+
+  jobTemplate:
+    spec:
+      template:
+        {{- include "mender.tenantadmPodTemplate" $context | nindent 8 }}
+
+{{- end }}
diff --git a/mender/values.yaml b/mender/values.yaml
index 9b5ae967..e2c6152e 100644
--- a/mender/values.yaml
+++ b/mender/values.yaml
@@ -705,6 +705,30 @@ tenantadm:
     # successThreshold: 2
     # failureThreshold: 6
 
+  cronjobs:
+    # suspend tenants cronjobs: these cronjobs are used to suspend expired trial tenants
+    suspend_tenants:
+      enabled: false
+      schedule: "0 7 * * *"
+      # resources:
+      #   limits:
+      #     cpu: 300m
+      #     memory: 200Mi
+      #   requests:
+      #     cpu: 50m
+      #     memory: 50Mi
+    # sync tenants cronjob to sync with an external integration
+    sync_tenants:
+      enabled: false
+      schedule: "0 8 * * *"
+      # resources:
+      #   limits:
+      #     cpu: 300m
+      #     memory: 200Mi
+      #   requests:
+      #     cpu: 50m
+      #     memory: 50Mi
+
 useradm:
   enabled: true
   podAnnotations: {}