diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index bbb55a901010ae3c3699253593129aea5914cc3e..023ea28a726859f39f420047cf2f50b4ea9c5f09 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -2,6 +2,7 @@
 
 require_relative '../settings'
 require_relative '../object_store_settings'
+require_relative '../../ee/lib/remote_development/settings'
 require_relative '../smime_signature_settings'
 
 # Default settings
@@ -992,6 +993,13 @@
   Settings.zoekt['password_file'] ||= Rails.root.join('.gitlab_zoekt_password')
 end
 
+#
+# Remote Development
+#
+Gitlab.ee do
+  RemoteDevelopment::Settings.initialize_settings(settings: Settings)
+end
+
 #
 # Repositories
 #
diff --git a/ee/app/models/remote_development/workspace_variable.rb b/ee/app/models/remote_development/workspace_variable.rb
index 40e1737a4e53be746319b1da254ad536d84469f8..59957564a0cfa85cb5c0654e5e60ccf3adf5f72f 100644
--- a/ee/app/models/remote_development/workspace_variable.rb
+++ b/ee/app/models/remote_development/workspace_variable.rb
@@ -24,7 +24,8 @@ class WorkspaceVariable < ApplicationRecord
 
     attr_encrypted :value,
       mode: :per_attribute_iv,
-      key: Settings.attr_encrypted_db_key_base_32,
+      # TODO: Change this to be injected via config
+      key: ::Settings.attr_encrypted_db_key_base_32,
       algorithm: 'aes-256-gcm'
   end
 end
diff --git a/ee/lib/remote_development/settings.rb b/ee/lib/remote_development/settings.rb
new file mode 100644
index 0000000000000000000000000000000000000000..1a7ec28a3e8d155e9cbdb2250c0f1ceff3ec50b7
--- /dev/null
+++ b/ee/lib/remote_development/settings.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module RemoteDevelopment
+  class Settings
+    # @return void
+    # @param [::GitlabSettings::Settings] settings
+    def self.initialize_settings(settings:)
+      settings['remote_development'] ||= {}
+
+      settings_and_defaults = [
+        [:project_editor_image, ''],
+        [:project_editor_tag, ''],
+        [:project_cloner_image, ''],
+        [:project_cloner_tag, '']
+      ]
+
+      settings_and_defaults.each do |setting_name, default_value|
+        env_var_name = "GITLAB_REMOTE_DEVELOPMENT_#{setting_name.to_s.upcase}"
+        # noinspection RubyResolve -
+        settings.remote_development[setting_name.to_s] ||= ENV[env_var_name] || default_value
+      end
+    end
+  end
+end
diff --git a/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb b/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb
index 36b4f11bce16a18d9f7a84298a122a2e1f372d8e..8aced6d7f86443e12ad5b0f5368aa72d33b2c29d 100644
--- a/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb
+++ b/ee/lib/remote_development/workspaces/create/project_cloner_component_injector.rb
@@ -21,8 +21,8 @@ def self.inject(value)
           # TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/408448
           #       replace the alpine/git docker image with one that is published by gitlab for security / reliability
           #       reasons
-          image_name = 'alpine/git'
-          image_tag = '2.36.3'
+          image_name = Settings.remote_development.project_cloner_image || 'alpine/git'
+          image_tag = Settings.remote_development.project_cloner_tag || '2.36.3'
           clone_dir = "#{volume_path}/#{project.path}"
           project_url = project.http_url_to_repo
           project_ref = project.default_branch
diff --git a/ee/lib/remote_development/workspaces/create/tools_component_injector.rb b/ee/lib/remote_development/workspaces/create/tools_component_injector.rb
index b8637e3cec1cb8c0e27dbb9a040c55646aa4d0bb..d6f4a0ac3a88768e00761c0c46b62d93d442aca2 100644
--- a/ee/lib/remote_development/workspaces/create/tools_component_injector.rb
+++ b/ee/lib/remote_development/workspaces/create/tools_component_injector.rb
@@ -131,8 +131,9 @@ def self.inject_tools_component(processed_devfile, tools_dir)
         # @return [Array]
         def self.tools_components(tools_dir)
           # TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/409775 - choose image based on which editor is passed.
-          image_name = 'registry.gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector'
-          image_tag = '7'
+          image_name = Settings.remote_development.project_editor_image ||
+            'registry.gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector'
+          image_tag = Settings.remote_development.project_editor_tag || '7'
 
           [
             {
diff --git a/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb b/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb
index d35515347fc37f871fe4b9b85e088888ffd8032d..319ef1af00bb3a61036eaf0ac10bb2e18a95bff4 100644
--- a/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb
+++ b/ee/spec/lib/remote_development/workspaces/create/project_cloner_component_injector_spec.rb
@@ -15,6 +15,7 @@
   let(:expected_processed_devfile_name) { 'example.project-cloner-injected-devfile.yaml' }
   let(:expected_processed_devfile) { YAML.safe_load(read_devfile(expected_processed_devfile_name)).to_h }
   let(:component_name) { "gl-cloner-injector" }
+  let(:other_registry_image_name) { 'other.registry.com/alpine/git' }
   let(:value) do
     {
       params: {
@@ -36,4 +37,17 @@
   it "injects the project cloner component" do
     expect(returned_value[:processed_devfile]).to eq(expected_processed_devfile)
   end
+
+  context 'when the project_cloner_image setting is configured' do
+    before do
+      Settings.remote_development.project_cloner_image = other_registry_image_name
+    end
+
+    it 'injects the specified image instead of the default' do
+      components = returned_value.dig(:processed_devfile, "components")
+      editor_injector_component = components.find { |component| component.fetch("name") == component_name }
+
+      expect(editor_injector_component.dig('container', 'image')).to eq("#{other_registry_image_name}:2.36.3")
+    end
+  end
 end
diff --git a/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb b/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb
index 1c7dea278e161f067c67af960f6c6ad25c37dc95..a71746f01ca87ac3bdc031b1589c3c1e5288e91f 100644
--- a/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb
+++ b/ee/spec/lib/remote_development/workspaces/create/tools_component_injector_spec.rb
@@ -6,6 +6,7 @@
   include_context 'with remote development shared fixtures'
 
   let(:agent) { create(:ee_cluster_agent, :with_remote_development_agent_config) }
+  let(:other_registry_image_name) { 'other.registry.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector' }
   let(:input_processed_devfile_name) { 'example.flattened-devfile.yaml' }
   let(:input_processed_devfile) { YAML.safe_load(read_devfile(input_processed_devfile_name)).to_h }
   let(:expected_processed_devfile_name) { 'example.tools-injected-devfile.yaml' }
@@ -43,4 +44,17 @@
       expect(returned_value[:processed_devfile]).to eq(expected_processed_devfile)
     end
   end
+
+  context 'when the project_editor_image setting is configured' do
+    before do
+      Settings.remote_development.project_editor_image = other_registry_image_name
+    end
+
+    it 'injects the specified image instead of the default' do
+      components = returned_value.dig(:processed_devfile, "components")
+      editor_injector_component = components.find { |component| component.fetch("name") == component_name }
+
+      expect(editor_injector_component.dig('container', 'image')).to eq("#{other_registry_image_name}:2")
+    end
+  end
 end