diff --git a/modules/fabric-net-firewall/main.tf b/modules/fabric-net-firewall/main.tf
index ecb3d1ae..f79a569e 100644
--- a/modules/fabric-net-firewall/main.tf
+++ b/modules/fabric-net-firewall/main.tf
@@ -131,7 +131,15 @@ resource "google_compute_firewall" "custom" {
   target_service_accounts = each.value.use_service_accounts ? each.value.targets : null
   disabled                = lookup(each.value.extra_attributes, "disabled", false)
   priority                = lookup(each.value.extra_attributes, "priority", 1000)
-  enable_logging          = lookup(each.value.extra_attributes, "enable_logging", null)
+
+  dynamic "log_config" {
+    for_each = lookup(each.value, "flow_logs", false) ? [{
+      metadata = lookup(each.value, "flow_logs_metadata", "INCLUDE_ALL_METADATA")
+    }] : []
+    content {
+      metadata = log_config.value.metadata
+    }
+  }
 
   dynamic "allow" {
     for_each = [for rule in each.value.rules : rule if each.value.action == "allow"]