diff --git a/edbterraform/data/templates/aws/machine.tf.j2 b/edbterraform/data/templates/aws/machine.tf.j2
index 255aa905..f3566759 100644
--- a/edbterraform/data/templates/aws/machine.tf.j2
+++ b/edbterraform/data/templates/aws/machine.tf.j2
@@ -15,7 +15,7 @@ module "machine_{{ region_ }}" {
 use_agent = module.spec.base.ssh_key.use_agent
 key_name = module.key_pair_{{ region_ }}.key_pair_id
 tags = each.value.spec.tags
- public_cidrblocks = [var.public_cidrblock]
+ public_cidrblocks = var.public_cidrblocks
 service_cidrblocks = local.service_cidrblocks
 internal_cidrblocks = module.spec.region_cidrblocks
diff --git a/edbterraform/data/templates/aws/network.tf.j2 b/edbterraform/data/templates/aws/network.tf.j2
index 8aca617d..21ced79a 100644
--- a/edbterraform/data/templates/aws/network.tf.j2
+++ b/edbterraform/data/templates/aws/network.tf.j2
@@ -34,7 +34,7 @@ module "routes_{{ region_ }}" {
 subnet_count = length([for a, s in lookup(module.spec.region_zone_networks, "{{ region }}", {}) : a])
 vpc_id = module.vpc_{{ region_ }}.vpc_id
- public_cidrblock = var.public_cidrblock
+ public_cidrblock = "0.0.0.0/0" # Allow all routing
 cluster_name = module.spec.base.tags.cluster_name
 tags = module.spec.base.tags
@@ -51,7 +51,7 @@ module "security_{{ region_ }}" {
 vpc_id = module.vpc_{{ region_ }}.vpc_id
 cluster_name = module.spec.base.tags.cluster_name
 ports = try(module.spec.region_ports["{{ region }}"], [])
- public_cidrblocks = [var.public_cidrblock]
+ public_cidrblocks = var.public_cidrblocks
 service_cidrblocks = local.service_cidrblocks
 internal_cidrblocks = module.spec.region_cidrblocks
 tags = module.spec.base.tags
diff --git a/edbterraform/data/templates/azure/machine.tf.j2 b/edbterraform/data/templates/azure/machine.tf.j2
index b0cfc40c..a6e79ed0 100644
--- a/edbterraform/data/templates/azure/machine.tf.j2
+++ b/edbterraform/data/templates/azure/machine.tf.j2
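Review bot: In the routes hunk of aws/network.tf.j2, the new literal `"0.0.0.0/0"` carries the comment `# Allow all routing`, which does not tell a reader whether the value is a route destination or an access rule. The routes module is not part of this diff, so this is inferred from the module name: if the value is the default-route destination, the comment should say so and state that inbound access is still governed by `public_cidrblocks` in the security module, for example `# default route destination; inbound access is restricted by public_cidrblocks in module.security`. Hard-coding it also removes the only way a caller had to narrow this value, which is worth noting in the commit description if it is intentional.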
@@ -21,7 +21,7 @@ module "machine_{{ region_ }}" {
 use_agent = module.spec.base.ssh_key.use_agent
 name_id = module.spec.hex_id
 tags = each.value.spec.tags
- public_cidrblocks = [var.public_cidrblock]
+ public_cidrblocks = var.public_cidrblocks
 service_cidrblocks = local.service_cidrblocks
 internal_cidrblocks = module.spec.region_cidrblocks
diff --git a/edbterraform/data/templates/azure/network.tf.j2 b/edbterraform/data/templates/azure/network.tf.j2
index e3f2df35..bcb97af0 100644
--- a/edbterraform/data/templates/azure/network.tf.j2
+++ b/edbterraform/data/templates/azure/network.tf.j2
@@ -43,7 +43,7 @@ module "security_{{ region_ }}" {
 region = module.vpc_{{ region_ }}.region
 resource_name = module.vpc_{{ region_ }}.resource_name
 ports = try(module.spec.region_ports["{{ region }}"], [])
- public_cidrblocks = [var.public_cidrblock]
+ public_cidrblocks = var.public_cidrblocks
 service_cidrblocks = local.service_cidrblocks
 internal_cidrblocks = module.spec.region_cidrblocks
 tags = module.spec.base.tags
diff --git a/edbterraform/data/templates/gcloud/machine.tf.j2 b/edbterraform/data/templates/gcloud/machine.tf.j2
index a3ce52fe..baa8b39b 100644
--- a/edbterraform/data/templates/gcloud/machine.tf.j2
+++ b/edbterraform/data/templates/gcloud/machine.tf.j2
@@ -17,7 +17,7 @@ module "machine_{{ region_ }}" {
 subnet_name = module.network_{{ region_ }}[each.value.spec.zone_name].name
 name_id = module.spec.hex_id
 tags = each.value.spec.tags
- public_cidrblocks = [var.public_cidrblock]
+ public_cidrblocks = var.public_cidrblocks
 service_cidrblocks = var.service_cidrblocks
 internal_cidrblocks = module.spec.region_cidrblocks
diff --git a/edbterraform/data/templates/gcloud/network.tf.j2 b/edbterraform/data/templates/gcloud/network.tf.j2
index b270366c..abdc15c4 100644
--- a/edbterraform/data/templates/gcloud/network.tf.j2
+++ b/edbterraform/data/templates/gcloud/network.tf.j2
@@ -58,7 +58,7 @@ module "security_{{ region_ }}" {
 network_name = module.vpc_{{ region_ }}.vpc_id
 ports = try(module.spec.region_ports["{{ region }}"], [])
- public_cidrblocks = [var.public_cidrblock]
+ public_cidrblocks = var.public_cidrblocks
 service_cidrblocks = local.service_cidrblocks
 internal_cidrblocks = module.spec.region_cidrblocks
 region = "{{ region }}"
diff --git a/edbterraform/data/terraform/common_vars.tf b/edbterraform/data/terraform/common_vars.tf
index e1c4408e..a6cfae85 100644
--- a/edbterraform/data/terraform/common_vars.tf
+++ b/edbterraform/data/terraform/common_vars.tf
@@ -9,10 +9,10 @@ variable "spec" {
 nullable = false
 }
-variable "public_cidrblock" {
+variable "public_cidrblocks" {
 description = "Public CIDR block"
- type = string
- default = "0.0.0.0/0"
+ type = list(string)
+ default = ["0.0.0.0/0"]
 }
 variable "service_cidrblocks" {
@@ -52,7 +52,7 @@ data "http" "instance_ip" {
 locals {
 # format the ip with the mask to get a valid cidr block
- # ex: cidrhost("1.2.3.4/32",0) => 1.2.3.4 | cidrhost("1.2.3.4/24",0) => 1.2.3.0 | cidrhost("1.2.3.4/16",0) => 1.2.0.0 | cidrhost("1.2.3.4/32",0) => 1.0.0.0
+ # ex: cidrhost("1.2.3.4/32",0) => 1.2.3.4 | cidrhost("1.2.3.4/24",0) => 1.2.3.0 | cidrhost("1.2.3.4/16",0) => 1.2.0.0 | cidrhost("1.2.3.4/8",0) => 1.0.0.0
 dynamic_ip = var.force_dynamic_ip ? [
 "${cidrhost(
 format("%s/%s",
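Review bot: In common_vars.tf, `variable "public_cidrblocks"` now accepts any `list(string)` without validation, so a malformed entry or an empty list is passed straight to the security and machine modules in all three providers. The default is still `["0.0.0.0/0"]`, and the unchanged description "Public CIDR block" neither reflects the list type nor tells an operator that leaving it unset means any IPv4 address. I would add a validation block and reword the description as below. Whether an empty list should be rejected depends on how the security modules treat it, which is not visible in this diff. The rename also breaks any existing tfvars or `-var` usage of `public_cidrblock`, which deserves a changelog line.

```hcl
variable "public_cidrblocks" {
  description = "Public CIDR blocks; the default allows any IPv4 address"
  # … unchanged: type, default …
  validation {
    condition     = alltrue([for c in var.public_cidrblocks : can(cidrhost(c, 0))])
    error_message = "Each entry of public_cidrblocks must be a valid CIDR block."
  }
}
```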