diff --git a/pkg/validation-webhook/snapshot.go b/pkg/validation-webhook/snapshot.go
index 7d278fad..e7ec4c18 100644
--- a/pkg/validation-webhook/snapshot.go
+++ b/pkg/validation-webhook/snapshot.go
@@ -377,8 +377,11 @@ func checkSnapshotContentImmutableFieldsV1(snapcontent, oldSnapcontent *volumesn
 	if !reflect.DeepEqual(source.SnapshotHandle, oldSource.SnapshotHandle) {
 		return fmt.Errorf("Spec.Source.SnapshotHandle is immutable but was changed from %s to %s", strPtrDereference(oldSource.SnapshotHandle), strPtrDereference(source.SnapshotHandle))
 	}
-	if !reflect.DeepEqual(snapcontent.Spec.SourceVolumeMode, oldSnapcontent.Spec.SourceVolumeMode) {
-		return fmt.Errorf("Spec.SourceVolumeMode is immutable but was changed from %v to %v", *oldSnapcontent.Spec.SourceVolumeMode, *snapcontent.Spec.SourceVolumeMode)
+
+	if preventVolumeModeConversion {
+		if !reflect.DeepEqual(snapcontent.Spec.SourceVolumeMode, oldSnapcontent.Spec.SourceVolumeMode) {
+			return fmt.Errorf("Spec.SourceVolumeMode is immutable but was changed from %v to %v", *oldSnapcontent.Spec.SourceVolumeMode, *snapcontent.Spec.SourceVolumeMode)
+		}
 	}
 
 	return nil
diff --git a/pkg/validation-webhook/webhook.go b/pkg/validation-webhook/webhook.go
index 1e00f692..6e91e044 100644
--- a/pkg/validation-webhook/webhook.go
+++ b/pkg/validation-webhook/webhook.go
@@ -39,10 +39,11 @@ import (
 )
 
 var (
-	certFile       string
-	keyFile        string
-	kubeconfigFile string
-	port           int
+	certFile                    string
+	keyFile                     string
+	kubeconfigFile              string
+	port                        int
+	preventVolumeModeConversion bool
 )
 
 // CmdWebhook is used by Cobra.
@@ -67,6 +68,8 @@ func init() {
 	CmdWebhook.MarkFlagRequired("tls-private-key-file")
 	// Add optional flag for kubeconfig
 	CmdWebhook.Flags().StringVar(&kubeconfigFile, "kubeconfig", "", "kubeconfig file to use for volumesnapshotclasses")
+	CmdWebhook.Flags().BoolVar(&preventVolumeModeConversion, "prevent-volume-mode-conversion",
+		false, "Prevents an unauthorised user from modifying the volume mode when creating a PVC from an existing VolumeSnapshot.")
 }
 
 // admitv1beta1Func handles a v1beta1 admission