diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7df400ef..15457fce 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -21,6 +21,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 
+- Setting and fetching of `cidr_range` is now available for GCP Advanced tier
+  clusters.
+
 - Management of cluster backup settings is now supported using the
   `backup_config` attribute on the `cockroach_cluster` resource.  For more
   information, refer to
diff --git a/docs/data-sources/cluster.md b/docs/data-sources/cluster.md
index f2026a72..4ab57ca5 100644
--- a/docs/data-sources/cluster.md
+++ b/docs/data-sources/cluster.md
@@ -62,6 +62,7 @@ Read-Only:
 
 Read-Only:
 
+- `cidr_range` (String) The IPv4 range in CIDR format that is in use by the cluster. It is only set on GCP clusters and is otherwise empty.
 - `disk_iops` (Number) Number of disk I/O operations per second that are permitted on each node in the cluster. Zero indicates the cloud provider-specific default.
 - `machine_type` (String) Machine type identifier within the given cloud provider, ex. m6.xlarge, n2-standard-4.
 - `memory_gib` (Number) Memory per node in GiB.
diff --git a/docs/resources/cluster.md b/docs/resources/cluster.md
index 2830323b..aeb375b4 100644
--- a/docs/resources/cluster.md
+++ b/docs/resources/cluster.md
@@ -138,6 +138,7 @@ Optional:
 
 Optional:
 
+- `cidr_range` (String) The IPv4 range in CIDR format that will be used by the cluster. This is supported only on GCP, and must have a subnet mask no larger than /19. Defaults to "172.28.0.0/14". This cannot be changed after cluster creation.
 - `disk_iops` (Number) Number of disk I/O operations per second that are permitted on each node in the cluster. Zero indicates the cloud provider-specific default.
 - `machine_type` (String) Machine type identifier within the given cloud provider, e.g., m6.xlarge, n2-standard-4.
 - `num_virtual_cpus` (Number) Number of virtual CPUs per node in the cluster.
diff --git a/examples/workflows/cockroach_advanced_cluster/main.tf b/examples/workflows/cockroach_advanced_cluster/main.tf
index 8192a9fd..3bdd1c5f 100644
--- a/examples/workflows/cockroach_advanced_cluster/main.tf
+++ b/examples/workflows/cockroach_advanced_cluster/main.tf
@@ -98,6 +98,7 @@ resource "cockroach_cluster" "example" {
   dedicated = {
     storage_gib      = var.storage_gib
     num_virtual_cpus = var.num_virtual_cpus
+    cidr_range       = "172.28.0.0/14"
   }
   regions = [
     for r in var.cloud_provider_regions : {
diff --git a/internal/provider/cluster_data_source.go b/internal/provider/cluster_data_source.go
index 7482bcf9..67093c4a 100644
--- a/internal/provider/cluster_data_source.go
+++ b/internal/provider/cluster_data_source.go
@@ -122,6 +122,10 @@ func (d *clusterDataSource) Schema(
 						Computed:    true,
 						Description: "Indicates whether private IP addresses are assigned to nodes. Required for CMEK and other advanced networking features.",
 					},
+					"cidr_range": schema.StringAttribute{
+						Computed:    true,
+						Description: "The IPv4 range in CIDR format that is in use by the cluster. It is only set on GCP clusters and is otherwise empty.",
+					},
 				},
 			},
 			"regions": schema.ListNestedAttribute{
diff --git a/internal/provider/cluster_resource.go b/internal/provider/cluster_resource.go
index 339a738b..5189acfc 100644
--- a/internal/provider/cluster_resource.go
+++ b/internal/provider/cluster_resource.go
@@ -243,6 +243,14 @@ func (r *clusterResource) Schema(
 							boolplanmodifier.UseStateForUnknown(),
 						},
 					},
+					"cidr_range": schema.StringAttribute{
+						Optional:    true,
+						Computed:    true,
+						Description: "The IPv4 range in CIDR format that will be used by the cluster. This is supported only on GCP, and must have a subnet mask no larger than /19. Defaults to \"172.28.0.0/14\". This cannot be changed after cluster creation.",
+						PlanModifiers: []planmodifier.String{
+							stringplanmodifier.UseStateForUnknown(),
+						},
+					},
 				},
 			},
 			"regions": schema.ListNestedAttribute{
@@ -472,6 +480,9 @@ func (r *clusterResource) Create(
 				visibilityPrivate := client.NETWORKVISIBILITYTYPE_PRIVATE
 				dedicated.NetworkVisibility = &visibilityPrivate
 			}
+			if cfg.CidrRange.ValueString() != "" {
+				dedicated.CidrRange = ptr(cfg.CidrRange.ValueString())
+			}
 		}
 		clusterSpec.SetDedicated(dedicated)
 	}
@@ -700,6 +711,12 @@ func (r *clusterResource) ModifyPlan(
 					"visibility isn't allowed. Please explicitly destroy this cluster before changing "+
 					"network visibility.")
 		}
+		if dedicated := plan.DedicatedConfig; dedicated != nil && dedicated.CidrRange != state.DedicatedConfig.CidrRange {
+			resp.Diagnostics.AddError("Cannot update cidr range",
+				"To prevent accidental deletion of data, changing a cluster's cidr range "+
+					"isn't allowed. Please explicitly destroy this cluster before changing "+
+					"cidr range.")
+		}
 	}
 
 	if req.Plan.Raw.IsNull() {
@@ -1238,6 +1255,7 @@ func loadClusterToTerraformState(
 			MemoryGib:                types.Float64Value(float64(clusterObj.Config.Dedicated.MemoryGib)),
 			DiskIops:                 types.Int64Value(int64(clusterObj.Config.Dedicated.DiskIops)),
 			PrivateNetworkVisibility: types.BoolValue(clusterObj.GetNetworkVisibility() == client.NETWORKVISIBILITYTYPE_PRIVATE),
+			CidrRange:                types.StringValue(clusterObj.CidrRange),
 		}
 	}
 
diff --git a/internal/provider/cluster_resource_test.go b/internal/provider/cluster_resource_test.go
index 32820f7f..6aa6f8da 100644
--- a/internal/provider/cluster_resource_test.go
+++ b/internal/provider/cluster_resource_test.go
@@ -1607,6 +1607,7 @@ func TestIntegrationDedicatedClusterResource(t *testing.T) {
 				NodeCount: 1,
 			},
 		},
+		CidrRange: "172.28.0.0/16",
 	}
 
 	upgradingCluster := initialCluster
@@ -1768,10 +1769,12 @@ func testDedicatedClusterResource(
 				resource.TestCheckResourceAttrSet(resourceName, "cloud_provider"),
 				resource.TestCheckResourceAttrSet(resourceName, "cockroach_version"),
 				resource.TestCheckResourceAttr(resourceName, "plan", "ADVANCED"),
+				resource.TestCheckResourceAttr(resourceName, "dedicated.cidr_range", "172.28.0.0/16"),
 				resource.TestCheckResourceAttr(dataSourceName, "name", clusterName),
 				resource.TestCheckResourceAttrSet(dataSourceName, "cloud_provider"),
 				resource.TestCheckResourceAttrSet(dataSourceName, "cockroach_version"),
 				resource.TestCheckResourceAttr(dataSourceName, "plan", "ADVANCED"),
+				resource.TestCheckResourceAttr(dataSourceName, "dedicated.cidr_range", "172.28.0.0/16"),
 			),
 		},
 		{
@@ -1880,6 +1883,7 @@ resource "cockroach_cluster" "test" {
     dedicated = {
 	  storage_gib = 15
 	  num_virtual_cpus = %d
+	  cidr_range = "172.28.0.0/16"
     }
 	regions = [{
 		name: "us-central1"
diff --git a/internal/provider/models.go b/internal/provider/models.go
index cb6f302b..953d244d 100644
--- a/internal/provider/models.go
+++ b/internal/provider/models.go
@@ -44,6 +44,7 @@ type DedicatedClusterConfig struct {
 	MemoryGib                types.Float64 `tfsdk:"memory_gib"`
 	DiskIops                 types.Int64   `tfsdk:"disk_iops"`
 	PrivateNetworkVisibility types.Bool    `tfsdk:"private_network_visibility"`
+	CidrRange                types.String  `tfsdk:"cidr_range"`
 }
 
 type ServerlessClusterConfig struct {