diff --git a/.template-infra/app-app.yml b/.template-infra/app-app.yml
index ae004aa..32eaba0 100644
--- a/.template-infra/app-app.yml
+++ b/.template-infra/app-app.yml
@@ -1,5 +1,5 @@
 # Changes here will be overwritten by Copier
-_commit: v0.15.1-4-g7ad8136
+_commit: v0.15.1-5-gc92213c
 _src_path: ../template-infra
 app_has_dev_env_setup: true
 app_local_port: 3000
diff --git a/infra/app/database/main.tf b/infra/app/database/main.tf
index df864f5..2f47339 100644
--- a/infra/app/database/main.tf
+++ b/infra/app/database/main.tf
@@ -1,18 +1,3 @@
-data "aws_vpc" "network" {
-  tags = {
-    project      = module.project_config.project_name
-    network_name = local.environment_config.network_name
-  }
-}
-
-data "aws_subnets" "database" {
-  tags = {
-    project      = module.project_config.project_name
-    network_name = local.environment_config.network_name
-    subnet_type  = "database"
-  }
-}
-
 locals {
   # The prefix key/value pair is used for Terraform Workspaces, which is useful for projects with multiple infrastructure developers.
   # By default, Terraform creates a workspace named “default.” If a non-default workspace is not created this prefix will equal “default”,
@@ -29,7 +14,6 @@ locals {
 
   environment_config = module.app_config.environment_configs[var.environment_name]
   database_config    = local.environment_config.database_config
-  network_config     = module.project_config.network_configs[local.environment_config.network_name]
 }
 
 terraform {
@@ -62,18 +46,6 @@ module "app_config" {
   source = "../app-config"
 }
 
-data "aws_security_groups" "aws_services" {
-  filter {
-    name   = "group-name"
-    values = ["${module.project_config.aws_services_security_group_name_prefix}*"]
-  }
-
-  filter {
-    name   = "vpc-id"
-    values = [data.aws_vpc.network.id]
-  }
-}
-
 module "database" {
   source = "../../modules/database"
 
@@ -87,9 +59,9 @@ module "database" {
   migrator_username = local.database_config.migrator_username
   schema_name       = local.database_config.schema_name
 
-  vpc_id                         = data.aws_vpc.network.id
-  database_subnet_group_name     = local.network_config.database_subnet_group_name
-  private_subnet_ids             = data.aws_subnets.database.ids
-  aws_services_security_group_id = data.aws_security_groups.aws_services.ids[0]
+  vpc_id                         = module.network.vpc_id
+  database_subnet_group_name     = module.network.database_subnet_group_name
+  private_subnet_ids             = module.network.database_subnet_ids
+  aws_services_security_group_id = module.network.aws_services_security_group_id
   is_temporary                   = local.is_temporary
 }
diff --git a/infra/app/database/network.tf b/infra/app/database/network.tf
new file mode 100644
index 0000000..a70a15b
--- /dev/null
+++ b/infra/app/database/network.tf
@@ -0,0 +1,5 @@
+module "network" {
+  source       = "../../modules/network/data"
+  project_name = module.project_config.project_name
+  name         = local.environment_config.network_name
+}
diff --git a/infra/app/service/domain.tf b/infra/app/service/domain.tf
index 47acf83..98d58db 100644
--- a/infra/app/service/domain.tf
+++ b/infra/app/service/domain.tf
@@ -1,16 +1,11 @@
 locals {
   domain_config = local.environment_config.domain_config
-
-  hosted_zone_id  = local.domain_config.domain_name != null ? data.aws_route53_zone.zone[0].zone_id : null
-  certificate_arn = local.domain_config.enable_https ? data.aws_acm_certificate.certificate[0].arn : null
 }
 
-data "aws_acm_certificate" "certificate" {
-  count  = local.domain_config.enable_https ? 1 : 0
-  domain = local.domain_config.domain_name
-}
+module "domain" {
+  source = "../../modules/domain/data"
 
-data "aws_route53_zone" "zone" {
-  count = local.domain_config.domain_name != null ? 1 : 0
-  name  = local.domain_config.hosted_zone
+  hosted_zone  = local.domain_config.hosted_zone
+  domain_name  = local.domain_config.domain_name
+  enable_https = local.domain_config.enable_https
 }
diff --git a/infra/app/service/main.tf b/infra/app/service/main.tf
index 20a690f..5d2e020 100644
--- a/infra/app/service/main.tf
+++ b/infra/app/service/main.tf
@@ -63,21 +63,20 @@ module "service" {
 
   image_tag = local.image_tag
 
-  vpc_id             = data.aws_vpc.network.id
-  public_subnet_ids  = data.aws_subnets.public.ids
-  private_subnet_ids = data.aws_subnets.private.ids
+  vpc_id                         = module.network.vpc_id
+  public_subnet_ids              = module.network.public_subnet_ids
+  private_subnet_ids             = module.network.private_subnet_ids
+  aws_services_security_group_id = module.network.aws_services_security_group_id
 
-  domain_name     = local.domain_config.domain_name
-  hosted_zone_id  = local.hosted_zone_id
-  certificate_arn = local.certificate_arn
+  domain_name     = module.domain.domain_name
+  hosted_zone_id  = module.domain.hosted_zone_id
+  certificate_arn = module.domain.certificate_arn
 
   cpu                      = local.service_config.cpu
   memory                   = local.service_config.memory
   desired_instance_count   = local.service_config.desired_instance_count
   enable_command_execution = local.service_config.enable_command_execution
 
-  aws_services_security_group_id = data.aws_security_groups.aws_services.ids[0]
-
   file_upload_jobs = local.service_config.file_upload_jobs
   scheduled_jobs   = local.environment_config.scheduled_jobs
 
diff --git a/infra/app/service/network.tf b/infra/app/service/network.tf
index 8ea58e3..a70a15b 100644
--- a/infra/app/service/network.tf
+++ b/infra/app/service/network.tf
@@ -1,38 +1,5 @@
-locals {
-  network_config = module.project_config.network_configs[local.environment_config.network_name]
-}
-
-data "aws_vpc" "network" {
-  tags = {
-    project      = module.project_config.project_name
-    network_name = local.environment_config.network_name
-  }
-}
-
-data "aws_subnets" "public" {
-  tags = {
-    project      = module.project_config.project_name
-    network_name = local.environment_config.network_name
-    subnet_type  = "public"
-  }
-}
-
-data "aws_subnets" "private" {
-  tags = {
-    project      = module.project_config.project_name
-    network_name = local.environment_config.network_name
-    subnet_type  = "private"
-  }
-}
-
-data "aws_security_groups" "aws_services" {
-  filter {
-    name   = "group-name"
-    values = ["${module.project_config.aws_services_security_group_name_prefix}*"]
-  }
-
-  filter {
-    name   = "vpc-id"
-    values = [data.aws_vpc.network.id]
-  }
+module "network" {
+  source       = "../../modules/network/data"
+  project_name = module.project_config.project_name
+  name         = local.environment_config.network_name
 }
diff --git a/infra/app/service/notifications.tf b/infra/app/service/notifications.tf
index c2b2948..203e021 100644
--- a/infra/app/service/notifications.tf
+++ b/infra/app/service/notifications.tf
@@ -20,8 +20,8 @@ module "notifications_email_domain" {
   count  = local.notifications_config != null && !local.is_temporary ? 1 : 0
   source = "../../modules/notifications-email-domain/resources"
 
-  domain_name    = local.domain_config.domain_name
-  hosted_zone_id = local.hosted_zone_id
+  domain_name    = module.domain.domain_name
+  hosted_zone_id = module.domain.hosted_zone_id
 }
 
 # If the app has `enable_notifications` set to true AND this *is* a temporary
@@ -30,7 +30,7 @@ module "existing_notifications_email_domain" {
   count  = local.notifications_config != null && local.is_temporary ? 1 : 0
   source = "../../modules/notifications-email-domain/data"
 
-  domain_name = local.domain_config.domain_name
+  domain_name = module.domain.domain_name
 }
 
 # If the app has `enable_notifications` set to true, create a new email notification