diff --git a/modules/net-vpn-ha/main.tf b/modules/net-vpn-ha/main.tf
index c9a810e10..9d53ee080 100644
--- a/modules/net-vpn-ha/main.tf
+++ b/modules/net-vpn-ha/main.tf
@@ -22,7 +22,7 @@ locals {
     : var.router_config.name
   )
   vpn_gateway = (
-    var.vpn_gateway == null
+    var.vpn_gateway_create
     ? try(google_compute_ha_vpn_gateway.ha_gateway[0].self_link, null)
     : var.vpn_gateway
   )
@@ -30,7 +30,7 @@ locals {
 }
 
 resource "google_compute_ha_vpn_gateway" "ha_gateway" {
-  count   = var.vpn_gateway == null ? 1 : 0
+  count   = var.vpn_gateway_create ? 1 : 0
   name    = var.name
   project = var.project_id
   region  = var.region
diff --git a/modules/net-vpn-ha/variables.tf b/modules/net-vpn-ha/variables.tf
index ad5c491f4..a423eab15 100644
--- a/modules/net-vpn-ha/variables.tf
+++ b/modules/net-vpn-ha/variables.tf
@@ -93,7 +93,13 @@ variable "tunnels" {
 }
 
 variable "vpn_gateway" {
-  description = "Self link of an existing HA VPN Gateway to use. Set to null to create new VPN Gateway."
+  description = "HA VPN Gateway Self Link for using an existing HA VPN Gateway. Ignored if `vpn_gateway_create` is set to `true`."
   type        = string
   default     = null
 }
+
+variable "vpn_gateway_create" {
+  description = "Create HA VPN Gateway."
+  type        = bool
+  default     = true
+}