diff --git a/README.md b/README.md
index ea1a12f4..fbfe694c 100644
--- a/README.md
+++ b/README.md
@@ -92,6 +92,7 @@ If the user does not share the same domain as the org the bastion is in, you wil
 | preemptible | Allow the instance to be preempted | `bool` | `false` | no |
 | project | The project ID to deploy to | `string` | n/a | yes |
 | random\_role\_id | Enables role random id generation. | `bool` | `true` | no |
+| region | The region where the bastion instance template will live | `string` | `null` | no |
 | scopes | List of scopes to attach to the bastion host | `list(string)` | <pre>[<br>  "cloud-platform"<br>]</pre> | no |
 | service\_account\_email | If set, the service account and its permissions will not be created. The service account being passed in should have at least the roles listed in the `service_account_roles` variable so that logging and OS Login work as expected. | `string` | `""` | no |
 | service\_account\_name | Account ID for the service account | `string` | `"bastion"` | no |
diff --git a/main.tf b/main.tf
index 756a6aab..65d4ea63 100644
--- a/main.tf
+++ b/main.tf
@@ -54,6 +54,7 @@ module "instance_template" {
   subnetwork          = var.subnet
   subnetwork_project  = var.host_project
   additional_networks = var.additional_networks
+  region              = var.region
 
   service_account = {
     email  = local.service_account_email
diff --git a/variables.tf b/variables.tf
index 1fddfd86..60811358 100644
--- a/variables.tf
+++ b/variables.tf
@@ -167,6 +167,13 @@ variable "zone" {
   default     = "us-central1-a"
 }
 
+variable "region" {
+  type = string
+
+  description = "The region where the bastion instance template will live"
+  default     = null
+}
+
 variable "random_role_id" {
   type = bool