From 8497b22de7418d713529effda61a7e3c0db7f208 Mon Sep 17 00:00:00 2001
From: Dylan <dylan@overmind.tech>
Date: Wed, 17 Dec 2025 09:49:35 -0800
Subject: [PATCH] Reduce internal CIDR to actual VPC size

This was picked up in a recent audit. Turns out we had set the CIDR incorrectly and it was allowing too wide of communication. We need to restrict it back to the actual size of the VPC.
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index 0f8f2b48..9ee24777 100644
--- a/main.tf
+++ b/main.tf
@@ -441,7 +441,7 @@ locals {
     }
   }
 
-  api_internal_cidr = "10.0.0.0/8"
+  api_internal_cidr = "10.0.0.0/16"
   api_domain        = "signals-demo-test.demo"
   api_alert_email   = "alerts@example.com"
 }