diff --git a/README.md b/README.md
index b889591..64fe045 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,7 @@ Then perform the following commands on the root folder:
 | icmp\_idle\_timeout\_sec | Timeout (in seconds) for ICMP connections. Defaults to 30s if not set. Changing this forces a new NAT to be created. | `string` | `"30"` | no |
 | log\_config\_enable | Indicates whether or not to export logs | `bool` | `false` | no |
 | log\_config\_filter | Specifies the desired filtering of logs on this NAT. Valid values are: "ERRORS\_ONLY", "TRANSLATIONS\_ONLY", "ALL" | `string` | `"ALL"` | no |
+| max\_ports\_per\_vm | Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.This will be ignored if enable\_dynamic\_port\_allocation is set to false. | `string` | `null` | no |
 | min\_ports\_per\_vm | Minimum number of ports allocated to a VM from this NAT config. Defaults to 64 if not set. Changing this forces a new NAT to be created. | `string` | `"64"` | no |
 | name | Defaults to 'cloud-nat-RANDOM\_SUFFIX'. Changing this forces a new NAT to be created. | `string` | `""` | no |
 | nat\_ips | List of self\_links of external IPs. Changing this forces a new NAT to be created. Value of `nat_ip_allocate_option` is inferred based on nat\_ips. If present set to MANUAL\_ONLY, otherwise AUTO\_ONLY. | `list(string)` | `[]` | no |
diff --git a/main.tf b/main.tf
index 58bf41a..b9e961a 100644
--- a/main.tf
+++ b/main.tf
@@ -50,6 +50,7 @@ resource "google_compute_router_nat" "main" {
   nat_ips                             = var.nat_ips
   source_subnetwork_ip_ranges_to_nat  = var.source_subnetwork_ip_ranges_to_nat
   min_ports_per_vm                    = var.min_ports_per_vm
+  max_ports_per_vm                    = var.enable_dynamic_port_allocation ? var.max_ports_per_vm : null
   udp_idle_timeout_sec                = var.udp_idle_timeout_sec
   icmp_idle_timeout_sec               = var.icmp_idle_timeout_sec
   tcp_established_idle_timeout_sec    = var.tcp_established_idle_timeout_sec
diff --git a/variables.tf b/variables.tf
index b4f8ffe..cdef2a4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -36,6 +36,12 @@ variable "min_ports_per_vm" {
   default     = "64"
 }
 
+variable "max_ports_per_vm" {
+  type        = string
+  description = "Maximum number of ports allocated to a VM from this NAT. This field can only be set when enableDynamicPortAllocation is enabled.This will be ignored if enable_dynamic_port_allocation is set to false."
+  default     = null
+}
+
 variable "name" {
   type        = string
   description = "Defaults to 'cloud-nat-RANDOM_SUFFIX'. Changing this forces a new NAT to be created."