diff --git a/modules/ncc-spoke-ra/main.tf b/modules/ncc-spoke-ra/main.tf
index 66e6194f..eead0c7d 100644
--- a/modules/ncc-spoke-ra/main.tf
+++ b/modules/ncc-spoke-ra/main.tf
@@ -55,21 +55,21 @@ resource "google_compute_router" "cr" {
   region  = var.region
   bgp {
     advertise_mode = (
-      var.custom_advertise != null ? "CUSTOM" : "DEFAULT"
+      var.router_config.custom_advertise != null ? "CUSTOM" : "DEFAULT"
     )
     advertised_groups = (
-      try(var.custom_advertise.all_subnets, false)
+      try(var.router_config.custom_advertise.all_subnets, false)
       ? ["ALL_SUBNETS"] : []
     )
     dynamic "advertised_ip_ranges" {
-      for_each = try(var.custom_advertise.ip_ranges, {})
+      for_each = try(var.router_config.custom_advertise.ip_ranges, {})
       content {
         description = advertised_ip_ranges.key
         range       = advertised_ip_ranges.value
       }
     }
-    asn                = var.asn
-    keepalive_interval = try(var.keepalive, null)
+    asn                = var.router_config.asn
+    keepalive_interval = try(var.router_config.keepalive, null)
   }
 }
 
@@ -79,7 +79,7 @@ resource "google_compute_router_interface" "intf1" {
   router             = google_compute_router.cr.name
   region             = var.region
   subnetwork         = var.vpc_config.subnet_self_link
-  private_ip_address = var.ip_intf1
+  private_ip_address = var.router_config.ip_interface1
 }
 
 resource "google_compute_router_interface" "intf2" {
@@ -88,7 +88,7 @@ resource "google_compute_router_interface" "intf2" {
   router              = google_compute_router.cr.name
   region              = var.region
   subnetwork          = var.vpc_config.subnet_self_link
-  private_ip_address  = var.ip_intf2
+  private_ip_address  = var.router_config.ip_interface2
   redundant_interface = google_compute_router_interface.intf1.name
 }
 
@@ -101,7 +101,7 @@ resource "google_compute_router_peer" "peer1" {
   router                    = google_compute_router.cr.name
   region                    = var.region
   interface                 = google_compute_router_interface.intf1.name
-  peer_asn                  = var.peer_asn
+  peer_asn                  = var.router_config.peer_asn
   peer_ip_address           = each.value.ip
   router_appliance_instance = each.value.vm
 }
@@ -115,7 +115,7 @@ resource "google_compute_router_peer" "peer2" {
   router                    = google_compute_router.cr.name
   region                    = var.region
   interface                 = google_compute_router_interface.intf2.name
-  peer_asn                  = var.peer_asn
+  peer_asn                  = var.router_config.peer_asn
   peer_ip_address           = each.value.ip
   router_appliance_instance = each.value.vm
 }
diff --git a/modules/ncc-spoke-ra/variables.tf b/modules/ncc-spoke-ra/variables.tf
index 2c54c0d7..9db83983 100644
--- a/modules/ncc-spoke-ra/variables.tf
+++ b/modules/ncc-spoke-ra/variables.tf
@@ -14,20 +14,6 @@
  * limitations under the License.
  */
 
-variable "asn" {
-  description = "Autonomous System Number for the CR. All spokes in a hub should use the same ASN."
-  type        = number
-}
-
-variable "custom_advertise" {
-  description = "IP ranges to advertise if not using default route advertisement (subnet ranges)."
-  type = object({
-    all_subnets = bool
-    ip_ranges   = map(string) # map of descriptions and address ranges
-  })
-  default = null
-}
-
 variable "data_transfer" {
   description = "Site-to-site data transfer feature, available only in some regions."
   type        = bool
@@ -43,39 +29,21 @@ variable "hub" {
   })
 }
 
-variable "ip_intf1" {
-  description = "IP address for the CR interface 1. It must belong to the primary range of the subnet. If you don't specify a value Google will try to find a free address."
-  type        = string
-  default     = null
-}
-
-variable "ip_intf2" {
-  description = "IP address for the CR interface 2. It must belong to the primary range of the subnet. If you don't specify a value Google will try to find a free address."
-  type        = string
-  default     = null
-}
-
-variable "keepalive" {
-  description = "The interval in seconds between BGP keepalive messages that are sent to the peer."
-  type        = number
-  default     = null
-}
-
 variable "name" {
   description = "The name of the NCC spoke."
   type        = string
 }
 
-variable "peer_asn" {
-  description = "Peer Autonomous System Number used by the router appliances."
-  type        = number
-}
-
 variable "project_id" {
   description = "The ID of the project where the NCC hub & spokes will be created."
   type        = string
 }
 
+variable "region" {
+  description = "Region where the spoke is located."
+  type        = string
+}
+
 variable "router_appliances" {
   description = "List of router appliances this spoke is associated with."
   type = list(object({
@@ -84,9 +52,19 @@ variable "router_appliances" {
   }))
 }
 
-variable "region" {
-  description = "Region where the spoke is located."
-  type        = string
+variable "router_config" {
+  description = "Configuration of the Cloud Router."
+  type = object({
+    asn = number
+    custom_advertise = optional(object({
+      all_subnets = bool
+      ip_ranges   = map(string) # map of descriptions and address ranges
+    }))
+    ip_interface1 = optional(string)
+    ip_interface2 = optional(string)
+    keepalive     = optional(number)
+    peer_asn      = number
+  })
 }
 
 variable "vpc_config" {