diff --git a/services/service/main.tf b/services/service/main.tf
index ed35d8d..e0971e2 100644
--- a/services/service/main.tf
+++ b/services/service/main.tf
@@ -14,6 +14,7 @@ resource "nomad_job" "service" {
     constraints        = var.constraints
     docker_devices     = var.docker_devices
     user               = var.user
+    actions            = var.actions
 
     service_port        = var.service_port
     service_port_static = var.service_port_static
@@ -245,3 +246,33 @@ module "oidc_client" {
     task   = var.name
   }
 }
+
+# Action cron jobs
+resource "nomad_job" "action_cron" {
+  for_each = tomap({ for action in var.actions : action.name => action if action.cron != null })
+  jobspec = templatefile("${path.module}/service_scheduled.nomad", {
+    name        = var.name
+    action_name = each.value.name
+    action_cron = each.value.cron
+  })
+}
+
+resource "nomad_acl_policy" "action_cron_workload_policy" {
+  for_each = resource.nomad_job.action_cron
+
+  name        = "service-action-${each.value.id}"
+  description = "Give custom service cron actions access to execute actions."
+  rules_hcl   = <<EOH
+namespace "default" {
+  capabilities = [
+    "list-jobs",
+    "read-job",
+    "alloc-exec",
+  ]
+}
+  EOH
+
+  job_acl {
+    job_id = each.value.id
+  }
+}
diff --git a/services/service/service_scheduled.nomad b/services/service/service_scheduled.nomad
new file mode 100644
index 0000000..1ad2ee3
--- /dev/null
+++ b/services/service/service_scheduled.nomad
@@ -0,0 +1,35 @@
+job "${name}-${action_name}" {
+  region = "global"
+  datacenters = ["dc1"]
+
+  type = "batch"
+
+  periodic {
+    cron = "${action_cron}"
+  }
+
+  group "main" {
+    task "${action_name}" {
+      driver = "docker"
+
+      config {
+        image = "hashicorp/nomad:$${attr.nomad.version}"
+        args = [
+          "job",
+          "action",
+          "-job",
+          "${name}",
+          "-group",
+          "${name}",
+          "-task",
+          "${name}",
+          "${action_name}"
+        ]
+      }
+
+      identity {
+        env = true
+      }
+    }
+  }
+}
diff --git a/services/service/service_template.nomad b/services/service/service_template.nomad
index 5893faa..e7ce628 100644
--- a/services/service/service_template.nomad
+++ b/services/service/service_template.nomad
@@ -185,6 +185,14 @@ job "${name}" {
         %{~ endfor ~}
       }
       %{~ endif ~}
+      %{~ for action in actions }
+      action "${action.name}" {
+        command = "${action.command}"
+        %{~ if length(action.args) > 0 ~}
+        args = ${jsonencode(action.args)}
+        %{~ endif ~}
+      }
+      %{~ endfor ~}
       %{~ for volume in host_volumes }
       volume_mount {
         volume = "${volume.name}"
diff --git a/services/service/vars.tf b/services/service/vars.tf
index 016112a..e76fb54 100644
--- a/services/service/vars.tf
+++ b/services/service/vars.tf
@@ -284,6 +284,17 @@ variable "use_wesher" {
   default     = true
 }
 
+variable "actions" {
+  description = "Nomad actions that should be part of the main task"
+  type = list(object({
+    name    = string
+    command = string
+    args    = optional(list(string))
+    cron    = optional(string)
+  }))
+  default = []
+}
+
 variable "service_check" {
   description = "Health check for main ingress service"
   type = object({