diff --git a/pkg/apis/azureprovider/v1alpha1/azuremachineproviderconfig_types.go b/pkg/apis/azureprovider/v1alpha1/azuremachineproviderconfig_types.go
index 1a9e750daaa..8c9f9b7c0a0 100644
--- a/pkg/apis/azureprovider/v1alpha1/azuremachineproviderconfig_types.go
+++ b/pkg/apis/azureprovider/v1alpha1/azuremachineproviderconfig_types.go
@@ -48,6 +48,18 @@ type AzureMachineProviderSpec struct {
 	SSHPublicKey  string `json:"sshPublicKey"`
 	SSHPrivateKey string `json:"sshPrivateKey"`
 	PublicIP      bool   `json:"publicIP"`
+
+	// Subnet to use for this instance
+	Subnet string `json:"subnet"`
+
+	// PublicLoadBalancer to use for this instance
+	PublicLoadBalancer string `json:"publicLoadBalancer"`
+
+	// InternalLoadBalancerName to use for this instance
+	InternalLoadBalancer string `json:"internalLoadBalancer"`
+
+	// NatRule to set inbound NAT rule of the load balancer
+	NatRule *int `json:"natRule"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
diff --git a/pkg/cloud/azure/actuators/machine/actuator_test.go b/pkg/cloud/azure/actuators/machine/actuator_test.go
index 28a6a2bd355..fe6a2eb8e5e 100644
--- a/pkg/cloud/azure/actuators/machine/actuator_test.go
+++ b/pkg/cloud/azure/actuators/machine/actuator_test.go
@@ -144,7 +144,9 @@ func newFakeScope(t *testing.T, label string) *actuators.MachineScope {
 		Scope:         scope,
 		Machine:       m,
 		MachineClient: c.Machines("dummyNamespace"),
-		MachineConfig: &v1alpha1.AzureMachineProviderSpec{},
+		MachineConfig: &v1alpha1.AzureMachineProviderSpec{
+			Subnet: "dummySubnet",
+		},
 		MachineStatus: &v1alpha1.AzureMachineProviderStatus{},
 	}
 }
diff --git a/pkg/cloud/azure/actuators/machine/reconciler.go b/pkg/cloud/azure/actuators/machine/reconciler.go
index 5101f59d8c6..1c2a2a6360f 100644
--- a/pkg/cloud/azure/actuators/machine/reconciler.go
+++ b/pkg/cloud/azure/actuators/machine/reconciler.go
@@ -549,16 +549,21 @@ func (s *Reconciler) createNetworkInterface(ctx context.Context, nicName string)
 		Name:     nicName,
 		VnetName: azure.GenerateVnetName(s.scope.Cluster.Name),
 	}
-	switch set := s.scope.Machine.ObjectMeta.Labels[v1alpha1.MachineRoleLabel]; set {
-	case v1alpha1.Node:
-		networkInterfaceSpec.SubnetName = azure.GenerateNodeSubnetName(s.scope.Cluster.Name)
-	case v1alpha1.ControlPlane:
-		networkInterfaceSpec.SubnetName = azure.GenerateControlPlaneSubnetName(s.scope.Cluster.Name)
-		networkInterfaceSpec.PublicLoadBalancerName = azure.GeneratePublicLBName(s.scope.Cluster.Name)
-		networkInterfaceSpec.InternalLoadBalancerName = azure.GenerateInternalLBName(s.scope.Cluster.Name)
-		networkInterfaceSpec.NatRule = 0
-	default:
-		return errors.Errorf("unknown value %s for label `set` on machine %s, skipping machine creation", set, s.scope.Machine.Name)
+
+	if s.scope.MachineConfig.Subnet == "" {
+		return errors.Errorf("MachineConfig subnet is missing on machine %s, skipping machine creation", s.scope.Machine.Name)
+	}
+
+	networkInterfaceSpec.SubnetName = s.scope.MachineConfig.Subnet
+
+	if s.scope.MachineConfig.PublicLoadBalancer != "" {
+		networkInterfaceSpec.PublicLoadBalancerName = s.scope.MachineConfig.PublicLoadBalancer
+		if s.scope.MachineConfig.NatRule != nil {
+			networkInterfaceSpec.NatRule = s.scope.MachineConfig.NatRule
+		}
+	}
+	if s.scope.MachineConfig.InternalLoadBalancer != "" {
+		networkInterfaceSpec.InternalLoadBalancerName = s.scope.MachineConfig.InternalLoadBalancer
 	}
 
 	if s.scope.MachineConfig.PublicIP {
diff --git a/pkg/cloud/azure/services/networkinterfaces/networkinterfaces.go b/pkg/cloud/azure/services/networkinterfaces/networkinterfaces.go
index 339d23909c5..65dcd0dfb15 100644
--- a/pkg/cloud/azure/services/networkinterfaces/networkinterfaces.go
+++ b/pkg/cloud/azure/services/networkinterfaces/networkinterfaces.go
@@ -38,7 +38,7 @@ type Spec struct {
 	StaticIPAddress          string
 	PublicLoadBalancerName   string
 	InternalLoadBalancerName string
-	NatRule                  int
+	NatRule                  *int
 	PublicIP                 string
 }
 
@@ -112,10 +112,12 @@ func (s *Service) CreateOrUpdate(ctx context.Context, spec azure.Spec) error {
 			network.BackendAddressPool{
 				ID: (*lb.BackendAddressPools)[0].ID,
 			})
-		nicConfig.LoadBalancerInboundNatRules = &[]network.InboundNatRule{
-			{
-				ID: (*lb.InboundNatRules)[nicSpec.NatRule].ID,
-			},
+		if nicSpec.NatRule != nil {
+			nicConfig.LoadBalancerInboundNatRules = &[]network.InboundNatRule{
+				{
+					ID: (*lb.InboundNatRules)[*nicSpec.NatRule].ID,
+				},
+			}
 		}
 	}
 	if nicSpec.InternalLoadBalancerName != "" {