diff --git a/defaults/main.yml b/defaults/main.yml
index df479ae9..52696a58 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -128,6 +128,7 @@ nova_api_db_connection_recycle_time: "{{ openstack_db_connection_recycle_time |
 ## DB Cells
 nova_cell0_database: "nova_cell0"
 nova_cell1_name: "cell1"
+nova_cell_force_update: False
 
 ## Oslo Messaging
 
diff --git a/releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml b/releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml
new file mode 100644
index 00000000..66c2a87d
--- /dev/null
+++ b/releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    Added variable ``nova_cell_force_update`` that can be set to
+    True during runtime to force update cell records.
+    This might be useful in case of password rotation for DB users
+    for cell0 or any other changes in connection configuration.
diff --git a/tasks/nova_db_setup.yml b/tasks/nova_db_setup.yml
index 41e0115a..8e3fac16 100644
--- a/tasks/nova_db_setup.yml
+++ b/tasks/nova_db_setup.yml
@@ -61,7 +61,8 @@
   changed_when: false
   when:
     - _cell0_record | length > 0
-    - ('ssl_verify_cert' not in _cell0_record[0] and nova_galera_use_ssl) or
+    - nova_cell_force_update or
+      ('ssl_verify_cert' not in _cell0_record[0] and nova_galera_use_ssl) or
       ('ssl_verify_cert' in _cell0_record[0] and not nova_galera_use_ssl)
 
 - name: Synchronize the nova DB schema
@@ -105,7 +106,8 @@
   changed_when: false
   when:
     - _cell1_record | length > 0
-    - (nova_oslomsg_rpc_port ~ '/' ~ _nova_oslomsg_rpc_vhost_conf) not in _cell1_record[0]
+    - nova_cell_force_update or
+      (nova_oslomsg_rpc_port ~ '/' ~ _nova_oslomsg_rpc_vhost_conf) not in _cell1_record[0]
 
 # The nova-status upgrade check command is typically run after upgrading the
 # controller services to new code, but is also OK to run for a greenfield