diff --git a/alz/azuredevops/locals.tf b/alz/azuredevops/locals.tf
index 7b3a8df..db03119 100644
--- a/alz/azuredevops/locals.tf
+++ b/alz/azuredevops/locals.tf
@@ -11,6 +11,11 @@ locals {
   iac_terraform = "terraform"
 }
 
+locals {
+  use_private_networking          = var.use_self_hosted_agents && var.use_private_networking
+  allow_storage_access_from_my_ip = local.use_private_networking && var.allow_storage_access_from_my_ip
+}
+
 locals {
   plan_key  = "plan"
   apply_key = "apply"
diff --git a/alz/azuredevops/main.tf b/alz/azuredevops/main.tf
index ebc11df..1f58711 100644
--- a/alz/azuredevops/main.tf
+++ b/alz/azuredevops/main.tf
@@ -42,8 +42,8 @@ module "azure" {
   virtual_network_subnet_name_container_instances           = local.resource_names.subnet_container_instances
   virtual_network_subnet_name_private_endpoints             = local.resource_names.subnet_private_endpoints
   storage_account_private_endpoint_name                     = local.resource_names.storage_account_private_endpoint
-  use_private_networking                                    = var.use_private_networking
-  allow_storage_access_from_my_ip                           = var.allow_storage_access_from_my_ip
+  use_private_networking                                    = local.use_private_networking
+  allow_storage_access_from_my_ip                           = local.allow_storage_access_from_my_ip
   virtual_network_address_space                             = var.virtual_network_address_space
   virtual_network_subnet_address_prefix_container_instances = var.virtual_network_subnet_address_prefix_container_instances
   virtual_network_subnet_address_prefix_private_endpoints   = var.virtual_network_subnet_address_prefix_private_endpoints
diff --git a/alz/github/locals.tf b/alz/github/locals.tf
index 776aef6..50667d4 100644
--- a/alz/github/locals.tf
+++ b/alz/github/locals.tf
@@ -15,6 +15,11 @@ locals {
   iac_terraform = "terraform"
 }
 
+locals {
+  use_private_networking          = var.use_self_hosted_runners && var.use_private_networking
+  allow_storage_access_from_my_ip = local.use_private_networking && var.allow_storage_access_from_my_ip
+}
+
 locals {
   use_runner_group                   = var.use_runner_group && module.github.organization_plan == local.enterprise_plan && var.use_self_hosted_runners
   runner_organization_repository_url = local.use_runner_group ? module.github.organization_url : "${module.github.organization_url}/${module.github.repository_names.module}"
diff --git a/alz/github/main.tf b/alz/github/main.tf
index 7912416..5b82dfa 100644
--- a/alz/github/main.tf
+++ b/alz/github/main.tf
@@ -43,8 +43,8 @@ module "azure" {
   virtual_network_subnet_name_container_instances           = local.resource_names.subnet_container_instances
   virtual_network_subnet_name_private_endpoints             = local.resource_names.subnet_private_endpoints
   storage_account_private_endpoint_name                     = local.resource_names.storage_account_private_endpoint
-  use_private_networking                                    = var.use_private_networking
-  allow_storage_access_from_my_ip                           = var.allow_storage_access_from_my_ip
+  use_private_networking                                    = local.use_private_networking
+  allow_storage_access_from_my_ip                           = local.allow_storage_access_from_my_ip
   virtual_network_address_space                             = var.virtual_network_address_space
   virtual_network_subnet_address_prefix_container_instances = var.virtual_network_subnet_address_prefix_container_instances
   virtual_network_subnet_address_prefix_private_endpoints   = var.virtual_network_subnet_address_prefix_private_endpoints