diff --git a/terraform/modules/cloudsql/cloudsql.tf b/terraform/modules/cloudsql/cloudsql.tf
index 35d68c0..9d85a5f 100644
--- a/terraform/modules/cloudsql/cloudsql.tf
+++ b/terraform/modules/cloudsql/cloudsql.tf
@@ -33,6 +33,12 @@ variable "postgres_password" {
   default     = "hunter2"
 }
 
+variable "require_tls" {
+  description = "Whether or not we should require TLS when connecting to cloudsql."
+  type        = bool
+  default     = false
+}
+
 output "connection_name" {
   description = "The connection string for connecting to the cloudsql instance (for example, through cloudsql proxy)."
   value       = google_sql_database_instance.instance.connection_name
@@ -71,7 +77,7 @@ resource "google_sql_database_instance" "instance" {
     ip_configuration {
       ipv4_enabled    = false
       private_network = var.private_network_id
-      require_ssl     = true
+      require_ssl     = var.require_tls
     }
 
     database_flags {