diff --git a/fast/stages/2-networking-a-simple/README.md b/fast/stages/2-networking-a-simple/README.md
index 0bc15bfc4..5ab51a3a3 100644
--- a/fast/stages/2-networking-a-simple/README.md
+++ b/fast/stages/2-networking-a-simple/README.md
@@ -502,24 +502,24 @@ DNS configurations are centralised in the `dns-*.tf` files. Spokes delegate DNS
|---|---|:---:|:---:|:---:|:---:|
| [automation](variables-fast.tf#L19) | Automation resources created by the bootstrap stage. | object({…}) | ✓ | | 0-org-setup |
| [billing_account](variables-fast.tf#L27) | Billing account id. If billing account is not part of the same org set `is_org_level` to false. | object({…}) | ✓ | | 0-org-setup |
-| [environments](variables-fast.tf#L49) | Environment names. | map(object({…})) | ✓ | | 0-globals |
-| [folder_ids](variables-fast.tf#L66) | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. | map(string) | ✓ | | 1-resman |
-| [organization](variables-fast.tf#L72) | Organization details. | object({…}) | ✓ | | 0-org-setup |
-| [prefix](variables-fast.tf#L81) | Prefix used for resources that need unique names. Use a maximum of 9 chars for organizations, and 11 chars for tenants. | string | ✓ | | 0-org-setup |
+| [folder_ids](variables-fast.tf#L49) | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. | map(string) | ✓ | | 1-resman |
+| [organization](variables-fast.tf#L55) | Organization details. | object({…}) | ✓ | | 0-org-setup |
+| [prefix](variables-fast.tf#L64) | Prefix used for resources that need unique names. Use a maximum of 9 chars for organizations, and 11 chars for tenants. | string | ✓ | | 0-org-setup |
| [alert_config](variables.tf#L17) | Configuration for monitoring alerts. | object({…}) | | {…} | |
| [custom_roles](variables-fast.tf#L40) | Custom roles defined at the org level, in key => id format. | object({…}) | | null | 0-org-setup |
| [dns](variables.tf#L42) | DNS configuration. | object({…}) | | {} | |
-| [essential_contacts](variables.tf#L60) | Email used for essential contacts, unset if null. | string | | null | |
-| [factories_config](variables.tf#L66) | Configuration for network resource factories. | object({…}) | | {} | |
-| [outputs_location](variables.tf#L87) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | string | | null | |
-| [psa_ranges](variables.tf#L93) | IP ranges used for Private Service Access (CloudSQL, etc.). | object({…}) | | {} | |
-| [regions](variables.tf#L113) | Region definitions. | object({…}) | | {…} | |
-| [security_profile_groups](variables-fast.tf#L91) | Security profile group ids used for policy rule substitutions. | map(string) | | {} | 2-networking-ngfw |
-| [spoke_configs](variables.tf#L125) | Spoke connectivity configurations. | object({…}) | | {…} | |
-| [stage_configs](variables-fast.tf#L99) | FAST stage configuration. | object({…}) | | {} | 1-resman |
-| [tag_values](variables-fast.tf#L113) | Root-level tag values. | map(string) | | {} | 1-resman |
-| [vpc_configs](variables.tf#L194) | Optional VPC network configurations. | object({…}) | | {} | |
-| [vpn_onprem_primary_config](variables.tf#L247) | VPN gateway configuration for onprem interconnection in the primary region. | object({…}) | | null | |
+| [environments](variables.tf#L60) | Environment names. | map(object({…})) | | {…} | 0-globals |
+| [essential_contacts](variables.tf#L88) | Email used for essential contacts, unset if null. | string | | null | |
+| [factories_config](variables.tf#L94) | Configuration for network resource factories. | object({…}) | | {} | |
+| [outputs_location](variables.tf#L115) | Path where providers and tfvars files for the following stages are written. Leave empty to disable. | string | | null | |
+| [psa_ranges](variables.tf#L121) | IP ranges used for Private Service Access (CloudSQL, etc.). | object({…}) | | {} | |
+| [regions](variables.tf#L141) | Region definitions. | object({…}) | | {…} | |
+| [security_profile_groups](variables-fast.tf#L74) | Security profile group ids used for policy rule substitutions. | map(string) | | {} | 2-networking-ngfw |
+| [spoke_configs](variables.tf#L153) | Spoke connectivity configurations. | object({…}) | | {…} | |
+| [stage_configs](variables-fast.tf#L82) | FAST stage configuration. | object({…}) | | {} | 1-resman |
+| [tag_values](variables-fast.tf#L96) | Root-level tag values. | map(string) | | {} | 1-resman |
+| [vpc_configs](variables.tf#L222) | Optional VPC network configurations. | object({…}) | | {} | |
+| [vpn_onprem_primary_config](variables.tf#L275) | VPN gateway configuration for onprem interconnection in the primary region. | object({…}) | | null | |
## Outputs
diff --git a/fast/stages/2-networking-a-simple/variables-fast.tf b/fast/stages/2-networking-a-simple/variables-fast.tf
index c0b92cad8..e9eb9420c 100644
--- a/fast/stages/2-networking-a-simple/variables-fast.tf
+++ b/fast/stages/2-networking-a-simple/variables-fast.tf
@@ -46,23 +46,6 @@ variable "custom_roles" {
default = null
}
-variable "environments" {
- # tfdoc:variable:source 0-globals
- description = "Environment names."
- type = map(object({
- name = string
- tag_name = string
- is_default = optional(bool, false)
- }))
- nullable = false
- validation {
- condition = anytrue([
- for k, v in var.environments : v.is_default == true
- ])
- error_message = "At least one environment should be marked as default."
- }
-}
-
variable "folder_ids" {
# tfdoc:variable:source 1-resman
description = "Folders to be used for the networking resources in folders/nnnnnnnnnnn format."
diff --git a/fast/stages/2-networking-a-simple/variables.tf b/fast/stages/2-networking-a-simple/variables.tf
index b0c01fd99..03fc085f6 100644
--- a/fast/stages/2-networking-a-simple/variables.tf
+++ b/fast/stages/2-networking-a-simple/variables.tf
@@ -57,6 +57,34 @@ variable "dns" {
}
}
+variable "environments" {
+ # tfdoc:variable:source 0-globals
+ description = "Environment names."
+ type = map(object({
+ name = string
+ tag_name = string
+ is_default = optional(bool, false)
+ }))
+ nullable = false
+ default = {
+ dev = {
+ name = "Development"
+ tag_name = "development"
+ }
+ prod = {
+ name = "Production"
+ tag_name = "production"
+ is_default = true
+ }
+ }
+ validation {
+ condition = anytrue([
+ for k, v in var.environments : v.is_default == true
+ ])
+ error_message = "At least one environment should be marked as default."
+ }
+}
+
variable "essential_contacts" {
description = "Email used for essential contacts, unset if null."
type = string