diff --git a/README.md b/README.md
index 6f2611c..ee88629 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ Change logs are auto-generated with commitizen.
| [aws](#provider\_aws) | 6.0.0 |
| [aws.route53\_main](#provider\_aws.route53\_main) | 6.0.0 |
| [aws.route53\_main\_legacy](#provider\_aws.route53\_main\_legacy) | 6.0.0 |
-| [aws.self](#provider\_aws.self) | 6.0.0 |
+| [aws.route53\_self](#provider\_aws.route53\_self) | 6.0.0 |
| [null](#provider\_null) | 3.2.4 |
## Modules
@@ -52,8 +52,6 @@ No modules.
| [aws_route53_zone.cluster_domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
| [aws_route53_zone_association.central_zone_east](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
| [aws_route53_zone_association.central_zone_west](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
-| [aws_route53_zone_association.cluster_zone_east](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
-| [aws_route53_zone_association.cluster_zone_west](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
| [aws_route53_zone_association.legacy_zone_east](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
| [aws_route53_zone_association.legacy_zone_west](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone_association) | resource |
| [null_resource.git_version](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
diff --git a/dns-providers.tf b/dns-providers.tf
index 20eec5a..0039e63 100644
--- a/dns-providers.tf
+++ b/dns-providers.tf
@@ -20,7 +20,7 @@ provider "aws" {
}
provider "aws" {
- alias = "self"
+ alias = "route53_self"
profile = var.profile
assume_role {
role_arn = format("arn:%v:iam::%v:role/r-inf-terraform-route53", data.aws_arn.current.partition, data.aws_caller_identity.current.account_id)
diff --git a/main.tf b/main.tf
index f3efd4f..996a30b 100644
--- a/main.tf
+++ b/main.tf
@@ -9,6 +9,7 @@ locals {
is_shared_vpc = data.aws_vpc.eks_vpc.owner_id != data.aws_caller_identity.current.account_id
region = var.region
vpc_domain_name = var.vpc_domain_name
+ vpc_id = local.is_shared_vpc ? try(data.aws_vpc.dummy_vpc[0].id, null) : data.aws_vpc.eks_vpc.id
}
#-------------------------------------------------
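Review bot: The new `local.vpc_id` quietly resolves to `null` via `try(data.aws_vpc.dummy_vpc[0].id, null)` when `is_shared_vpc` is true but `dummy_vpc` yields no instance, and every consumer this commit points at it (the `vpc` block of `aws_route53_zone.cluster_domain`, the `cluster_zone_*` authorizations) needs a real VPC id, so the misconfiguration only surfaces as a provider validation error far from its cause. Hoisting the expression into one local is the right move; consider pairing it with a check where the value is born, e.g. `# null only when is_shared_vpc and no dummy_vpc matched; consumers require a non-null id` on this line, or a `lifecycle { precondition { condition = local.vpc_id != null, error_message = "..." } }` on `aws_route53_zone.cluster_domain` if the Terraform version in use supports it. `data.aws_vpc.dummy_vpc` is declared outside this hunk, so whether an empty result is an expected state is inferred here; the `locals` block also begins outside the hunk.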
@@ -21,7 +22,7 @@ resource "aws_route53_zone" "cluster_domain" {
force_destroy = false
vpc {
- vpc_id = local.is_shared_vpc ? try(data.aws_vpc.dummy_vpc[0].id, null) : data.aws_vpc.eks_vpc.id
+ vpc_id = local.vpc_id
vpc_region = local.region
}
@@ -44,62 +45,61 @@ resource "aws_route53_zone" "cluster_domain" {
# east region
#---
resource "aws_route53_vpc_association_authorization" "cluster_zone_east" {
- count = local.region == "us-gov-east-1" ? 1 : 0
+ count = local.region == var.region_map["east"] ? 1 : 0
- provider = aws.self
- vpc_id = local.is_shared_vpc ? try(data.aws_vpc.dummy_vpc[0].id, null) : data.aws_vpc.eks_vpc.id
+ provider = aws.route53_self
+ vpc_id = local.vpc_id
vpc_region = var.region_map["east"]
zone_id = aws_route53_zone.cluster_domain.zone_id
}
-resource "aws_route53_zone_association" "cluster_zone_east" {
- count = local.region == "us-gov-east-1" ? 1 : 0
+# resource "aws_route53_zone_association" "cluster_zone_east" {
+# count = local.region == var.region_map["east"] ? 1 : 0
- provider = aws.route53_main
- vpc_id = local.is_shared_vpc ? try(data.aws_vpc.dummy_vpc[0].id, null) : data.aws_vpc.eks_vpc.id
- vpc_region = var.region_map["east"]
- zone_id = aws_route53_zone.cluster_domain.zone_id
+# provider = aws.route53_main
+# vpc_id = local.vpc_id
+# vpc_region = var.region_map["east"]
+# zone_id = aws_route53_zone.cluster_domain.zone_id
- depends_on = [aws_route53_vpc_association_authorization.cluster_zone_east]
-}
+# depends_on = [aws_route53_vpc_association_authorization.cluster_zone_east]
+# }
#-------------------------------------------------
# cluster PHZ Association west region
#-------------------------------------------------
resource "aws_route53_vpc_association_authorization" "cluster_zone_west" {
- count = local.region == "us-gov-west-1" ? 1 : 0
+ count = local.region == var.region_map["west"] ? 1 : 0
- provider = aws.self
- vpc_id = local.is_shared_vpc ? try(data.aws_vpc.dummy_vpc[0].id, null) : data.aws_vpc.eks_vpc.id
+ provider = aws.route53_self
+ vpc_id = local.vpc_id
vpc_region = var.region_map["west"]
zone_id = aws_route53_zone.cluster_domain.zone_id
}
-resource "aws_route53_zone_association" "cluster_zone_west" {
- count = local.region == "us-gov-west-1" ? 1 : 0
-
- provider = aws.route53_main
- vpc_id = local.is_shared_vpc ? try(data.aws_vpc.dummy_vpc[0].id, null) : data.aws_vpc.eks_vpc.id
- vpc_region = var.region_map["west"]
- zone_id = aws_route53_zone.cluster_domain.zone_id
+# resource "aws_route53_zone_association" "cluster_zone_west" {
+# count = local.region == var.region_map["west"] ? 1 : 0
+# provider = aws.route53_main
+# vpc_id = local.vpc_id
+# vpc_region = var.region_map["west"]
+# zone_id = aws_route53_zone.cluster_domain.zone_id
- depends_on = [aws_route53_vpc_association_authorization.cluster_zone_west]
-}
+# depends_on = [aws_route53_vpc_association_authorization.cluster_zone_west]
+# }
#---
# cluster domain associations with central networking account
# east region
#---
resource "aws_route53_vpc_association_authorization" "central_zone_east" {
- provider = aws.self
- vpc_id = var.route53_endpoints.route53_main["us-gov-east-1"]
+ provider = aws.route53_self
+ vpc_id = var.route53_endpoints.route53_main[var.region_map["east"]]
vpc_region = var.region_map["east"]
zone_id = aws_route53_zone.cluster_domain.zone_id
}
resource "aws_route53_zone_association" "central_zone_east" {
provider = aws.route53_main
- vpc_id = var.route53_endpoints.route53_main["us-gov-east-1"]
+ vpc_id = var.route53_endpoints.route53_main[var.region_map["east"]]
vpc_region = var.region_map["east"]
zone_id = aws_route53_zone.cluster_domain.zone_id
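Review bot: The `aws_route53_zone_association.cluster_zone_east` and `cluster_zone_west` resources are commented out rather than deleted, while their paired `aws_route53_vpc_association_authorization.cluster_zone_east`/`cluster_zone_west` resources (same `count` guard) are kept, so after this commit the file creates authorizations that nothing in it consumes. An unconsumed VPC association authorization is a standing grant that lets the VPC owner's account attach that VPC to the cluster zone; if the association is now performed elsewhere, say so above the retained authorization blocks (e.g. `# association is performed by the VPC owner account; only the authorization lives here`), and if it is not, remove the authorization resources too so the grant is not left open. Either way, delete the commented blocks instead of keeping them as dead code — the README hunk already drops them from the resource table and history preserves the old definition. Which account holds `aws_route53_zone.cluster_domain` and what `aws.route53_self` versus `aws.route53_main` represent is not visible in this hunk, so the cross-account direction of the pair is inferred.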
@@ -110,15 +110,15 @@ resource "aws_route53_zone_association" "central_zone_east" {
# west region
#-------------------------------------------------
resource "aws_route53_vpc_association_authorization" "central_zone_west" {
- provider = aws.self
- vpc_id = var.route53_endpoints.route53_main["us-gov-west-1"]
+ provider = aws.route53_self
+ vpc_id = var.route53_endpoints.route53_main[var.region_map["west"]]
vpc_region = var.region_map["west"]
zone_id = aws_route53_zone.cluster_domain.zone_id
}
resource "aws_route53_zone_association" "central_zone_west" {
provider = aws.route53_main
- vpc_id = var.route53_endpoints.route53_main["us-gov-west-1"]
+ vpc_id = var.route53_endpoints.route53_main[var.region_map["west"]]
vpc_region = var.region_map["west"]
zone_id = aws_route53_zone.cluster_domain.zone_id
@@ -130,15 +130,15 @@ resource "aws_route53_zone_association" "central_zone_west" {
# east region
#---
resource "aws_route53_vpc_association_authorization" "legacy_zone_east" {
- provider = aws.self
- vpc_id = var.route53_endpoints.route53_main_legacy["us-gov-east-1"]
+ provider = aws.route53_self
+ vpc_id = var.route53_endpoints.route53_main_legacy[var.region_map["east"]]
vpc_region = var.region_map["east"]
zone_id = aws_route53_zone.cluster_domain.zone_id
}
resource "aws_route53_zone_association" "legacy_zone_east" {
provider = aws.route53_main_legacy
- vpc_id = var.route53_endpoints.route53_main_legacy["us-gov-east-1"]
+ vpc_id = var.route53_endpoints.route53_main_legacy[var.region_map["east"]]
vpc_region = var.region_map["east"]
zone_id = aws_route53_zone.cluster_domain.zone_id
@@ -146,18 +146,19 @@ resource "aws_route53_zone_association" "legacy_zone_east" {
}
#-------------------------------------------------
+# cluster domain associations with legacy do2-gov networking
# west region
#-------------------------------------------------
resource "aws_route53_vpc_association_authorization" "legacy_zone_west" {
- provider = aws.self
- vpc_id = var.route53_endpoints.route53_main_legacy["us-gov-west-1"]
+ provider = aws.route53_self
+ vpc_id = var.route53_endpoints.route53_main_legacy[var.region_map["west"]]
vpc_region = var.region_map["west"]
zone_id = aws_route53_zone.cluster_domain.zone_id
}
resource "aws_route53_zone_association" "legacy_zone_west" {
provider = aws.route53_main_legacy
- vpc_id = var.route53_endpoints.route53_main_legacy["us-gov-west-1"]
+ vpc_id = var.route53_endpoints.route53_main_legacy[var.region_map["west"]]
vpc_region = var.region_map["west"]
zone_id = aws_route53_zone.cluster_domain.zone_id
@@ -174,9 +175,10 @@ resource "aws_route53_record" "entry" {
type = "A"
alias {
- name = var.istio_ingress_lb.dns_name
- zone_id = var.istio_ingress_lb.zone_id
- evaluate_target_health = false # scaling actions will cause dns to drop otherwise
+ name = var.istio_ingress_lb.dns_name
+ zone_id = var.istio_ingress_lb.zone_id
+ # scaling actions will cause dns to drop otherwise
+ evaluate_target_health = false
}
}