diff --git a/README.md b/README.md
index 4d78d87..214d6d1 100644
--- a/README.md
+++ b/README.md
@@ -104,7 +104,6 @@ have a istio proxy configured, prevent communication with that pod.)
 | [helm_release.ingress](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
 | [helm_release.istiod](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
 | [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
-| [kubernetes_service.apiserver](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/service) | data source |
 
 ## Inputs
 
@@ -116,6 +115,7 @@ have a istio proxy configured, prevent communication with that pod.)
 | <a name="input_extra_listener_ports"></a> [extra\_listener\_ports](#input\_extra\_listener\_ports) | A list of additional ports that the ingress load balancer should listen to, 9094 for kafka as an example. | <pre>list(object({<br>    name = string<br>    port = string<br>  }))</pre> | `[]` | no |
 | <a name="input_istio_chart_version"></a> [istio\_chart\_version](#input\_istio\_chart\_version) | The version of istio to install into the cluster. | `string` | `"1.22.3"` | no |
 | <a name="input_istio_version"></a> [istio\_version](#input\_istio\_version) | The version of istio to install into the cluster. | `string` | `"1.22.3"` | no |
+| <a name="input_kubernetes_service_apiserver"></a> [kubernetes\_service\_apiserver](#input\_kubernetes\_service\_apiserver) | Use to exclude internal API service traffic from the service mesh; it should not change but could be necessary to lookup | `string` | `"172.20.0.1"` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | The namespace to install the istio components. Defaults to 'istio-system' | `string` | `"istio-system"` | no |
 | <a name="input_profile"></a> [profile](#input\_profile) | AWS\_PROFILE to use to apply the terraform script. | `string` | `""` | no |
 | <a name="input_region"></a> [region](#input\_region) | The region in which the cluster is running. | `string` | n/a | yes |
@@ -125,6 +125,7 @@ have a istio proxy configured, prevent communication with that pod.)
 
 | Name | Description |
 |------|-------------|
+| <a name="output_istio_namespace"></a> [istio\_namespace](#output\_istio\_namespace) | The namespace used by istio. |
 | <a name="output_module_name"></a> [module\_name](#output\_module\_name) | The name of this module. |
 | <a name="output_module_version"></a> [module\_version](#output\_module\_version) | The version of this module. |
 <!-- END_TF_DOCS -->
diff --git a/main.tf b/main.tf
index 8a73964..3655bb0 100644
--- a/main.tf
+++ b/main.tf
@@ -55,12 +55,6 @@ resource "kubernetes_namespace" "ns" {
   }
 }
 
-# data "kubernetes_service" "apiserver" {
-#   metadata {
-#     name = "kubernetes"
-#   }
-# }
-
 resource "helm_release" "base" {
   depends_on = [module.images]
   chart      = "base"
@@ -111,7 +105,6 @@ resource "helm_release" "istiod" {
   set {
     name  = "globalproxy.excludeIPRanges"
     value = "${var.kubernetes_service_apiserver}/32"
-    # value = "${data.kubernetes_service.apiserver.spec[0].cluster_ip}/32"
   }
 }
 
diff --git a/outputs.tf b/outputs.tf
index b999ac9..4b17f45 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -11,3 +11,8 @@ output "module_version" {
   description = "The version of this module."
   value       = local.module_version
 }
+
+output "istio_namespace" {
+  description = "The namespace used by istio."
+  value       = kubernetes_namespace.ns.metadata[0].name
+}
diff --git a/variables.tf b/variables.tf
index 79cf6d2..bd11eb6 100644
--- a/variables.tf
+++ b/variables.tf
@@ -67,4 +67,4 @@ variable "kubernetes_service_apiserver" {
   description = "Use to exclude internal API service traffic from the service mesh; it should not change but could be necessary to lookup"
   type        = string
   default     = "172.20.0.1"
-}
\ No newline at end of file
+}