diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index 0b78d87..60fa4d8 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -3,7 +3,7 @@
 
 provider "registry.terraform.io/azure/azapi" {
   version     = "1.12.1"
-  constraints = "~> 1.12.1"
+  constraints = ">= 1.4.0, >= 1.9.0, ~> 1.12.1, < 2.0.0"
   hashes = [
     "h1:EaQL7pQCRm5iL2zy/dG7rOe2OZ0ZypuyVnpQAiAwJmM=",
     "zh:1cf52e685ceb04e73e13fbf3f3036bff23a3274a4ceda8693c0612076a588166",
@@ -23,7 +23,7 @@ provider "registry.terraform.io/azure/azapi" {
 
 provider "registry.terraform.io/hashicorp/azurerm" {
   version     = "3.94.0"
-  constraints = "~> 3.94.0"
+  constraints = ">= 3.74.0, >= 3.84.0, ~> 3.94.0, < 4.0.0"
   hashes = [
     "h1:t3fM/PO8PLAA5mK3esAypp01V6Vh75kjPnNqxQeVrV0=",
     "zh:20d102bc63096ade82f8da81c91afaffa858aa56fe9a7ad02f24f5ae5618bc53",
@@ -82,21 +82,21 @@ provider "registry.terraform.io/hashicorp/null" {
 }
 
 provider "registry.terraform.io/hashicorp/random" {
-  version = "3.6.0"
+  version = "3.6.1"
   hashes = [
-    "h1:I8MBeauYA8J8yheLJ8oSMWqB0kovn16dF/wKZ1QTdkk=",
-    "zh:03360ed3ecd31e8c5dac9c95fe0858be50f3e9a0d0c654b5e504109c2159287d",
-    "zh:1c67ac51254ba2a2bb53a25e8ae7e4d076103483f55f39b426ec55e47d1fe211",
-    "zh:24a17bba7f6d679538ff51b3a2f378cedadede97af8a1db7dad4fd8d6d50f829",
-    "zh:30ffb297ffd1633175d6545d37c2217e2cef9545a6e03946e514c59c0859b77d",
-    "zh:454ce4b3dbc73e6775f2f6605d45cee6e16c3872a2e66a2c97993d6e5cbd7055",
+    "h1:a+Goawwh6Qtg4/bRWzfDtIdrEFfPlnVy0y4LdUQY3nI=",
+    "zh:2a0ec154e39911f19c8214acd6241e469157489fc56b6c739f45fbed5896a176",
+    "zh:57f4e553224a5e849c99131f5e5294be3a7adcabe2d867d8a4fef8d0976e0e52",
+    "zh:58f09948c608e601bd9d0a9e47dcb78e2b2c13b4bda4d8f097d09152ea9e91c5",
+    "zh:5c2a297146ed6fb3fe934c800e78380f700f49ff24dbb5fb5463134948e3a65f",
     "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
-    "zh:91df0a9fab329aff2ff4cf26797592eb7a3a90b4a0c04d64ce186654e0cc6e17",
-    "zh:aa57384b85622a9f7bfb5d4512ca88e61f22a9cea9f30febaa4c98c68ff0dc21",
-    "zh:c4a3e329ba786ffb6f2b694e1fd41d413a7010f3a53c20b432325a94fa71e839",
-    "zh:e2699bc9116447f96c53d55f2a00570f982e6f9935038c3810603572693712d0",
-    "zh:e747c0fd5d7684e5bfad8aa0ca441903f15ae7a98a737ff6aca24ba223207e2c",
-    "zh:f1ca75f417ce490368f047b63ec09fd003711ae48487fba90b4aba2ccf71920e",
+    "zh:7ce41e26f0603e31cdac849085fc99e5cd5b3b73414c6c6d955c0ceb249b593f",
+    "zh:8c9e8d30c4ef08ee8bcc4294dbf3c2115cd7d9049c6ba21422bd3471d92faf8a",
+    "zh:93e91be717a7ffbd6410120eb925ebb8658cc8f563de35a8b53804d33c51c8b0",
+    "zh:982542e921970d727ce10ed64795bf36c4dec77a5db0741d4665230d12250a0d",
+    "zh:b9d1873f14d6033e216510ef541c891f44d249464f13cc07d3f782d09c7d18de",
+    "zh:cfe27faa0bc9556391c8803ade135a5856c34a3fe85b9ae3bdd515013c0c87c1",
+    "zh:e4aabf3184bbb556b89e4b195eab1514c86a2914dd01c23ad9813ec17e863a8a",
   ]
 }
 
diff --git a/aks.tf b/aks.tf
index 2d7c9ad..3af7616 100644
--- a/aks.tf
+++ b/aks.tf
@@ -32,15 +32,17 @@ module "aks" {
   enable_auto_scaling    = true
   enable_host_encryption = false
 
-  green_field_application_gateway_for_ingress = {
-    name        = "ingress"
-    subnet_cidr = local.appgw_cidr
-  }
+  // https://azure.github.io/application-gateway-kubernetes-ingress/setup/install-new/
+  //
+  // NOTE(jm): once we decide to enable ingress'ed applications using gateway, uncomment this and add a gateway cidr to
+  // parameters.
+  #green_field_application_gateway_for_ingress = {
+  #name        = "ingress"
+  #subnet_cidr = local.appgw_cidr
+  #}
   create_role_assignments_for_application_gateway = true
   local_account_disabled                          = false
   log_analytics_workspace_enabled                 = false
-  net_profile_dns_service_ip                      = local.dns_service_ip
-  net_profile_service_cidr                        = local.service_cidr
   network_plugin                                  = "azure"
   network_policy                                  = "azure"
   os_disk_size_gb                                 = 60
diff --git a/network.tf b/network.tf
index 7e62087..3089fff 100644
--- a/network.tf
+++ b/network.tf
@@ -1,15 +1,4 @@
-locals {
-  // we create a network with two address spaces - one for node pool subnets and one for services, gateways etc.
-  address_spaces = ["10.0.0.0/16", "10.2.0.0/16"]
-  // node pool subnets
-  subnet_cidrs = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
-  subnet_names = ["a", "b", "c"]
-
-  // app and services
-  appgw_cidr     = "10.2.0.0/24"
-  service_cidr   = "10.2.1.0/24"
-  dns_service_ip = "10.2.1.10"
-}
+locals {}
 
 data "azurerm_virtual_network" "network" {
   name                = var.network_name