diff --git a/fast/stages/02-networking-nva/data/firewall-rules/dev/rules.yaml b/fast/stages/02-networking-nva/data/firewall-rules/dev/rules.yaml
index d4df8cdc..3e2d9cc9 100644
--- a/fast/stages/02-networking-nva/data/firewall-rules/dev/rules.yaml
+++ b/fast/stages/02-networking-nva/data/firewall-rules/dev/rules.yaml
@@ -4,8 +4,8 @@ ingress-allow-composer-nodes:
   description: "Allow traffic to Composer nodes."
   direction: INGRESS
   action: allow
-  sources: []
-  ranges: ["0.0.0.0/0"]
+  sources:
+    - composer-worker
   targets:
     - composer-worker
   use_service_accounts: false
@@ -17,8 +17,8 @@ ingress-allow-dataflow-load:
   description: "Allow traffic to Dataflow nodes."
   direction: INGRESS
   action: allow
-  sources: []
-  ranges: ["0.0.0.0/0"]
+  sources:
+    - dataflow
   targets:
     - dataflow
   use_service_accounts: false
diff --git a/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml b/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml
index d4df8cdc..3e2d9cc9 100644
--- a/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml
+++ b/fast/stages/02-networking-vpn/data/firewall-rules/dev/rules.yaml
@@ -4,8 +4,8 @@ ingress-allow-composer-nodes:
   description: "Allow traffic to Composer nodes."
   direction: INGRESS
   action: allow
-  sources: []
-  ranges: ["0.0.0.0/0"]
+  sources:
+    - composer-worker
   targets:
     - composer-worker
   use_service_accounts: false
@@ -17,8 +17,8 @@ ingress-allow-dataflow-load:
   description: "Allow traffic to Dataflow nodes."
   direction: INGRESS
   action: allow
-  sources: []
-  ranges: ["0.0.0.0/0"]
+  sources:
+    - dataflow
   targets:
     - dataflow
   use_service_accounts: false