diff --git a/roles/acm_setup/tasks/get-mirroring-config.yml b/roles/acm_setup/tasks/get-mirroring-config.yml
new file mode 100644
index 000000000..66a19b54b
--- /dev/null
+++ b/roles/acm_setup/tasks/get-mirroring-config.yml
@@ -0,0 +1,50 @@
+---
+- name: "Get current master's MCP"
+  community.kubernetes.k8s_info:
+    api_version: machineconfiguration.openshift.io/v1
+    kind: MachineConfigPool
+    name: master
+  register: _acm_setup_master_mcp
+  no_log: true
+
+- name: "Get current master's Machine Config"
+  vars:
+    acm_machine_config: "{{ _acm_setup_master_mcp.resources[0].spec.configuration.name }}"
+  community.kubernetes.k8s_info:
+    api_version: machineconfiguration.openshift.io/v1
+    kind: MachineConfig
+    name: "{{ acm_machine_config }}"
+  register: _acm_setup_master_mc
+  no_log: true
+
+- name: "Get cluster user-ca certificate"
+  community.kubernetes.k8s_info:
+    api: v1
+    kind: ConfigMap
+    name: "user-ca-bundle"
+    namespace: openshift-config
+  register: _acm_setup_user_ca_bundle
+  no_log: true
+
+- name: "Create a Config map with registry entries and CA bundle"
+  vars:
+    acm_user_ca_bundle: "{{ _acm_setup_user_ca_bundle.resources[0].data['ca-bundle.crt'] }}"
+    registry_config: "{{ (_acm_setup_master_mc | json_query('resources[0].spec.config.storage.files[?path==`/etc/containers/registries.conf`].contents.source'))[0] |
+                      regex_replace('^data:.*;base64,', '') | b64decode }}"
+    mirror_cm_def: |
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: mirror-registry-config-map
+        namespace: multicluster-engine
+        labels:
+          app: assisted-service
+      data:
+        registries.conf: |
+          {{ registry_config | indent(4) }}
+        ca-bundle.crt: |
+          {{ acm_user_ca_bundle | indent(4) }}
+  community.kubernetes.k8s:
+    state: present
+    definition: "{{ mirror_cm_def }}"
+...
diff --git a/roles/acm_setup/tasks/main.yml b/roles/acm_setup/tasks/main.yml
index ac6977f83..1ca3d2062 100644
--- a/roles/acm_setup/tasks/main.yml
+++ b/roles/acm_setup/tasks/main.yml
@@ -255,6 +255,11 @@
     namespace: multicluster-engine
   register: _asg
 
+- name: "Get Hub Cluster mirroring configuration"
+  ansible.builtin.include_tasks: get-mirroring-config.yml
+  when:
+    - hub_disconnected | bool
+
 - name: "Create the Agent Service config"
   when: _asg.resources | length == 0
   vars:
@@ -295,6 +300,10 @@
       {% if hub_os_images is defined %}
         osImages: {{ hub_os_images }}
       {% endif %}
+      {% if hub_disconnected | bool %}
+        mirrorRegistryRef:
+            name: mirror-registry-config-map
+      {% endif %}
   community.kubernetes.k8s:
     state: present
     definition: "{{ agent_def }}"