diff --git a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/bin/generate-tfvars b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/bin/generate-tfvars
index 13f9e430..c76f44cc 100755
--- a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/bin/generate-tfvars
+++ b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/bin/generate-tfvars
@@ -1,5 +1,6 @@
 #!/bin/bash
 MY_IP=$(./bin/get-my-global-ip)
+MY_AMI_ID=$(terraform output -raw ami_id | tail -n1)
-cat terraform.tfvars.template | sed s/{admin_ip}/$MY_IP/ > terraform.tfvars
\ No newline at end of file
+cat terraform.tfvars.template | sed "s/{admin_ip}/$MY_IP/;s/{ami_id}/$MY_AMI_ID/" > terraform.tfvars
\ No newline at end of file
diff --git a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/security-groups.tf b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/security-groups.tf
index ce0e56de..7c3ac45e 100644
--- a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/security-groups.tf
+++ b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/security-groups.tf
@@ -29,7 +29,7 @@ resource "aws_security_group" "admin" {
 from_port = 8080
 to_port = 8080
 protocol = "tcp"
- cidr_blocks = var.admin_ip
+ cidr_blocks = [var.admin_ip]
 }
 ingress {
@@ -43,7 +43,7 @@ resource "aws_security_group" "admin" {
 from_port = 30000
 to_port = 40000
 protocol = "tcp"
- cidr_blocks = var.admin_ip
+ cidr_blocks = [var.admin_ip]
 }
 egress {
diff --git a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/terraform.tfvars.template b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/terraform.tfvars.template
index eb52ef8b..65a749d0 100644
--- a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/terraform.tfvars.template
+++ b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/terraform.tfvars.template
@@ -1 +1,2 @@
 admin_ip = "{admin_ip}/32"
+ami_id = "{ami_id}"
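Review bot: The new `MY_AMI_ID=$(terraform output -raw ami_id | tail -n1)` line has no failure handling: on a workspace with no state yet (or no output named `ami_id`, which this diff does not show) the command errors, `MY_AMI_ID` is empty, and the script still writes `ami_id = ""` into terraform.tfvars and exits 0. The same holds for `MY_IP`, which presumably comes from an external lookup in `bin/get-my-global-ip` and is spliced unvalidated into both the sed expression and the value that becomes the CIDR the admin security group opens, so a malformed response either breaks the sed script or yields an unintended `admin_ip`. `terraform output -raw` already prints a single value, so `tail -n1` adds nothing, and the `cat` pipe is unnecessary. I would fail closed with `set -euo pipefail` and check both values against a strict pattern before substituting; the whole script is within this hunk.
```shell
#!/bin/bash
set -euo pipefail

MY_IP=$(./bin/get-my-global-ip)
MY_AMI_ID=$(terraform output -raw ami_id)

# Both values land in terraform.tfvars, where admin_ip becomes the CIDR allowed through the admin security group,
# so refuse anything that does not look like a plain IPv4 address or an AMI id.
[[ "$MY_IP" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || { echo "unexpected admin IP: '$MY_IP'" >&2; exit 1; }
[[ "$MY_AMI_ID" =~ ^ami-[0-9a-f]+$ ]] || { echo "unexpected AMI id: '$MY_AMI_ID'" >&2; exit 1; }

sed "s/{admin_ip}/$MY_IP/;s/{ami_id}/$MY_AMI_ID/" terraform.tfvars.template > terraform.tfvars
```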
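Review bot: Wrapping `var.admin_ip` in a list fixes the type error in both security-groups.tf hunks (the 8080 rule and the 30000–40000 rule), but the only thing keeping these ingress rules scoped to a single host is the `/32` suffix that terraform.tfvars.template appends; the variable itself accepts any CIDR, so a hand-edited tfvars or a bad value from `generate-tfvars` would silently widen the rule. I would add a validation block to `admin_ip` in variables.tf (its declaration is outside this diff): `validation { condition = can(regex("^([0-9]{1,3}\\.){3}[0-9]{1,3}/32$", var.admin_ip)) error_message = "admin_ip must be a single IPv4 host in CIDR form (x.x.x.x/32)." }`. The variable's type is not visible here either; if it is not already `string`, pin it at the same time.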
diff --git a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/variables.tf b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/variables.tf
index c1aa66a6..11feb919 100644
--- a/{{cookiecutter.project_slug}}/terraform/ec2-cluster/variables.tf
+++ b/{{cookiecutter.project_slug}}/terraform/ec2-cluster/variables.tf
@@ -5,10 +5,10 @@ variable "admin_ip" {
 variable "ami_id" {
 type = string
 description = "AMI id to use in the EC2 instance, warning - will update when AMI updates"
- default = data.aws_ami.latest_ubuntu.id
+ default = "ami-053b0d53c279acc90"
 }
-# will fetch the latest ubuntu ami
+# will fetch the latest ubuntu ami and store in terraform.tfvars
 # change ami_id to be constant if you dont want it to change on the next release
 data "aws_ami" "latest_ubuntu" {
 most_recent = true
diff --git a/{{cookiecutter.project_slug}}/terraform/management/backend.tf b/{{cookiecutter.project_slug}}/terraform/management/backend.tf
index d89b2e8c..92879128 100644
--- a/{{cookiecutter.project_slug}}/terraform/management/backend.tf
+++ b/{{cookiecutter.project_slug}}/terraform/management/backend.tf
@@ -32,7 +32,7 @@ resource "aws_s3_bucket_ownership_controls" "tf_state_controls" {
 }
 }
-resource "aws_s3_bucket_acl" "acl" {
+resource "aws_s3_bucket_acl" "tf_state_acl" {
 depends_on = [aws_s3_bucket_ownership_controls.tf_state_controls]
 bucket = aws_s3_bucket.terraform_state.id
@@ -53,6 +53,8 @@ resource "aws_dynamodb_table" "terraform_state" {
 }
 }
+#################################################
+
 provider "aws" {
 region = module.global_variables.aws_region
 assume_role {
diff --git a/{{cookiecutter.project_slug}}/terraform/management/locals.tf b/{{cookiecutter.project_slug}}/terraform/management/locals.tf
new file mode 100644
index 00000000..15f09f0e
--- /dev/null
+++ b/{{cookiecutter.project_slug}}/terraform/management/locals.tf
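Review bot: The new literal default `"ami-053b0d53c279acc90"` contradicts the description kept on the line above it ("will update when AMI updates"): a hard-coded default never updates, and an AMI id is region-specific, so whenever terraform.tfvars lacks `ami_id` the module silently falls back to an image that may be stale or absent in the target region. The updated comment says the data source will "store in terraform.tfvars", but the storing is done by `bin/generate-tfvars` via `terraform output -raw ami_id`, which needs an output of that name and existing state — neither is visible in this diff. I would reword the description to `"AMI id for the EC2 instance. Normally written to terraform.tfvars by bin/generate-tfvars from data.aws_ami.latest_ubuntu; the default is a pinned, single-region fallback that must be refreshed by hand."` and add `validation { condition = can(regex("^ami-[0-9a-f]+$", var.ami_id)) error_message = "ami_id must look like ami-xxxxxxxx." }`. Worth confirming outside the hunk: with `most_recent = true`, the data source's filter block should restrict `owners` to a trusted publisher account, otherwise a look-alike image name from another account could be selected.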
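Review bot: The rename to `aws_s3_bucket_acl.tf_state_acl` resolves what looks like a duplicate address — s3.tf in the same management directory also declared `aws_s3_bucket_acl.acl` until this commit, so the previous configuration presumably failed validation — but if any stored state contains `aws_s3_bucket_acl.acl` from before the second file existed, that object is now orphaned and will be planned as destroy-and-create on the bucket that holds the Terraform state. Decide which bucket the stored object belongs to and add exactly one `moved { from = aws_s3_bucket_acl.acl  to = aws_s3_bucket_acl.tf_state_acl }` (or the `cnpg_acl` equivalent in s3.tf), never both, since a `moved` source address can only be claimed once. The second hunk only adds a separator comment.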
@@ -0,0 +1,8 @@
+locals {
+ common_tags = {
+ automation = "terraform"
+ "automation.config" = "{{cookiecutter.project_slug}}"
+ application = module.global_variables.application
+ environment = var.environment
+ }
+}
diff --git a/{{cookiecutter.project_slug}}/terraform/management/s3.tf b/{{cookiecutter.project_slug}}/terraform/management/s3.tf
index f2b9009b..3bd234b0 100644
--- a/{{cookiecutter.project_slug}}/terraform/management/s3.tf
+++ b/{{cookiecutter.project_slug}}/terraform/management/s3.tf
@@ -1,16 +1,16 @@
 resource "aws_s3_bucket" "cloudnative_pg" {
 bucket_prefix = "${module.global_variables.application}-cloudnative-pg-"
- tags = var.tags
+ tags = local.common_tags
 }
-resource "aws_s3_bucket_versioning" "versioning" {
+resource "aws_s3_bucket_versioning" "cnpg_versioning" {
 bucket = aws_s3_bucket.cloudnative_pg.id
 versioning_configuration {
 status = "Enabled"
 }
 }
-resource "aws_s3_bucket_server_side_encryption_configuration" "encryption" {
+resource "aws_s3_bucket_server_side_encryption_configuration" "cnpg_encryption" {
 bucket = aws_s3_bucket.cloudnative_pg.id
 rule {
@@ -20,15 +20,15 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "encryption" {
 }
 }
-resource "aws_s3_bucket_ownership_controls" "controls" {
+resource "aws_s3_bucket_ownership_controls" "cnpg_controls" {
 bucket = aws_s3_bucket.cloudnative_pg.id
 rule {
 object_ownership = "BucketOwnerPreferred"
 }
 }
-resource "aws_s3_bucket_acl" "acl" {
- depends_on = [aws_s3_bucket_ownership_controls.controls]
+resource "aws_s3_bucket_acl" "cnpg_acl" {
+ depends_on = [aws_s3_bucket_ownership_controls.cnpg_controls]
 bucket = aws_s3_bucket.cloudnative_pg.id
 acl = "private"
diff --git a/{{cookiecutter.project_slug}}/terraform/prod/route53.tf b/{{cookiecutter.project_slug}}/terraform/prod/route53.tf
index 8c19ab5b..c00d565c 100644
--- a/{{cookiecutter.project_slug}}/terraform/prod/route53.tf
+++ b/{{cookiecutter.project_slug}}/terraform/prod/route53.tf
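Review bot: `common_tags` is defined here but, within this diff, consumed only by `aws_s3_bucket.cloudnative_pg` in s3.tf; the state bucket and DynamoDB table in backend.tf keep whatever tags they had, so inventory and cost attribution stay inconsistent across this directory. If uniform tagging is the goal, a `default_tags { tags = local.common_tags }` block inside the `provider "aws"` block visible in backend.tf would apply these to every resource and make the per-resource `tags = local.common_tags` redundant. `environment = var.environment` assumes a variable that is not shown in this diff — worth confirming it is declared in this directory, since a missing declaration fails validation for the whole module.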
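Review bot: The renames to `cnpg_versioning`, `cnpg_encryption`, `cnpg_controls` and `cnpg_acl` (first and second hunk) change resource addresses without `moved` blocks, so any workspace that already holds these objects in state plans a destroy followed by a create for each; for `aws_s3_bucket_server_side_encryption_configuration` that is a deletion of the bucket's default-encryption rule before it is re-created, i.e. a window in which new objects can be written without the configured encryption, and I would not rely on the provider's destroy semantics for the versioning resource either. Adding `moved` blocks turns the plan into a pure address change (Terraform 1.1+); the `aws_s3_bucket_acl.acl` source can only be claimed by one of the two new addresses in this directory, so include it here only if the stored object belongs to this bucket. Separately, `tags = var.tags` → `tags = local.common_tags` leaves `var.tags` unused if it is still declared here (not visible in the diff); either remove the variable or merge it into the locals as an override.
```hcl
moved {
  from = aws_s3_bucket_versioning.versioning
  to   = aws_s3_bucket_versioning.cnpg_versioning
}

moved {
  from = aws_s3_bucket_server_side_encryption_configuration.encryption
  to   = aws_s3_bucket_server_side_encryption_configuration.cnpg_encryption
}

moved {
  from = aws_s3_bucket_ownership_controls.controls
  to   = aws_s3_bucket_ownership_controls.cnpg_controls
}

# Only one of backend.tf / s3.tf may claim the old acl address; keep this block
# only if the object in state is the cloudnative_pg bucket's ACL.
moved {
  from = aws_s3_bucket_acl.acl
  to   = aws_s3_bucket_acl.cnpg_acl
}
```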
@@ -5,7 +5,7 @@ data "aws_route53_zone" "route_zone" {
 # record for calls to frontend
 resource "aws_route53_record" "prod" {
- zone_id = aws_route53_zone.route_zone.zone_id
+ zone_id = data.aws_route53_zone.route_zone.zone_id
 name = var.domain
 type = "A"
 records = [data.aws_instance.ec2_cluster.public_ip]
@@ -14,7 +14,7 @@ resource "aws_route53_record" "prod" {
 # record for api calls to backend
 resource "aws_route53_record" "prod_api" {
- zone_id = aws_route53_zone.route_zone.zone_id
+ zone_id = data.aws_route53_zone.route_zone.zone_id
 name = var.api_domain
 type = "A"
 records = [data.aws_instance.ec2_cluster.public_ip]
diff --git a/{{cookiecutter.project_slug}}/terraform/sandbox/route53.tf b/{{cookiecutter.project_slug}}/terraform/sandbox/route53.tf
index e2b039c2..8634e8a3 100644
--- a/{{cookiecutter.project_slug}}/terraform/sandbox/route53.tf
+++ b/{{cookiecutter.project_slug}}/terraform/sandbox/route53.tf
@@ -5,7 +5,7 @@ data "aws_route53_zone" "route_zone" {
 # record for calls to frontend
 resource "aws_route53_record" "sandbox" {
- zone_id = aws_route53_zone.route_zone.zone_id
+ zone_id = data.aws_route53_zone.route_zone.zone_id
 name = var.domain
 type = "A"
 records = [data.aws_instance.ec2_cluster.public_ip]
@@ -14,7 +14,7 @@ resource "aws_route53_record" "sandbox" {
 # record for api calls to backend
 resource "aws_route53_record" "sandbox_api" {
- zone_id = aws_route53_zone.route_zone.zone_id
+ zone_id = data.aws_route53_zone.route_zone.zone_id
 name = var.api_domain
 type = "A"
 records = [data.aws_instance.ec2_cluster.public_ip]
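Review bot: The `data.` prefix is the right fix in all four hunks (prod and sandbox, frontend and api records), but each corrected record now resolves a public hostname to `data.aws_instance.ec2_cluster.public_ip`, a value that changes whenever the instance is replaced — and this same commit makes replacement routine by writing the latest AMI into terraform.tfvars, presumably forcing a new instance on each AMI release — so the A records go stale until the next apply in this directory. Attaching an Elastic IP in ec2-cluster and reading that address here would keep the records stable across replacement; the records' TTL is outside the hunks, so I cannot tell how long a stale answer would be cached by resolvers.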