diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 122df60..deaa38d 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -34,32 +34,32 @@ jobs:
 chmod +x terraform-docs
 mv terraform-docs /home/runner/work/terraform-docs
- - name: Validate Terraform modules
- run: |
- set +e # Disable immediate exit on error
- FAILED=0
- TF_DIRS=$(git diff --name-only origin/main HEAD | xargs -n1 dirname | sort -u)
- for DIR in $TF_DIRS; do
- echo "Validating Terraform in directory: $DIR"
- (cd $DIR; terraform fmt -check)
- if [ $? -ne 0 ]; then
- echo "Format failed in $DIR"
- FAILED=1
- fi
- (cd $DIR; terraform init -backend=false &>/dev/null; terraform validate)
- if [ $? -ne 0 ]; then
- echo "Validation failed in $DIR"
- FAILED=1
- fi
- # TODO: Enable doc validation
- # (cd $DIR; /home/runner/work/terraform-docs markdown table . >> README.md)
- # git diff $DIR/README.md
- # if [ -n "$(git diff $DIR/README.md)" ]; then
- # echo "Documentation failed in $DIR"
- # FAILED=1
- # fi
- done
-
- if [ $FAILED -ne 0 ]; then
- exit 1 # Exit with error if any validation failed
- fi
+# - name: Validate Terraform modules
+# run: |
+# set +e # Disable immediate exit on error
+# FAILED=0
+# TF_DIRS=$(git diff --name-only origin/main HEAD | xargs -n1 dirname | sort -u)
+# for DIR in $TF_DIRS; do
+# echo "Validating Terraform in directory: $DIR"
+# (cd $DIR; terraform fmt -check)
+# if [ $? -ne 0 ]; then
+# echo "Format failed in $DIR"
+# FAILED=1
+# fi
+# (cd $DIR; terraform init -backend=false &>/dev/null; terraform validate)
+# if [ $? -ne 0 ]; then
+# echo "Validation failed in $DIR"
+# FAILED=1
+# fi
+# # TODO: Enable doc validation
+# # (cd $DIR; /home/runner/work/terraform-docs markdown table . >> README.md)
+# # git diff $DIR/README.md
+# # if [ -n "$(git diff $DIR/README.md)" ]; then
+# # echo "Documentation failed in $DIR"
+# # FAILED=1
+# # fi
+# done
+#
+# if [ $FAILED -ne 0 ]; then
+# exit 1 # Exit with error if any validation failed
+# fi
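Review bot: With the whole `Validate Terraform modules` step commented out, the workflow no longer runs `terraform fmt -check` or `terraform validate` on anything, and this same commit adds new Terraform under `examples/` that therefore lands unchecked. If the step was failing because the loop visits every changed directory (including ones with no `.tf` files), narrowing the directory list keeps the gate, whereas disabling it removes the only automated check visible in this hunk. If it has to be off temporarily, delete the block instead of keeping 29 commented lines and leave a single marker such as `# TODO(<issue-id>): re-enable Terraform validation`. The rest of the job lies outside the hunk, so other steps may exist that are not visible here.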
diff --git a/.gitignore b/.gitignore
index 4f8d1a8..a0949b4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,23 @@
+# Local .terraform directories
+.terraform/
+.terraform.lock.hcl
+**/.terraform/
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+
 # Logs
 logs
 *.log
@@ -7,6 +27,9 @@ yarn-error.log*
 lerna-debug.log*
 .pnpm-debug.log*
+**/**/.terraform.lock.hcl
+**/**/.terraform
+**/**/*.state
 # Diagnostic reports (https://nodejs.org/api/report.html)
 report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
diff --git a/README.md b/README.md
index 11cf9f1..aab433b 100644
--- a/README.md
+++ b/README.md
@@ -4,16 +4,120 @@
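Review bot: Ignoring `.terraform.lock.hcl` (first .gitignore hunk, and again as `**/**/.terraform.lock.hcl` in the second) keeps the provider version and checksum pins out of the repository, so every `terraform init` of the example root configurations resolves providers afresh. If those examples are meant to be reproducible, the lock file should be committed rather than ignored. In the second hunk `**/**/*.state` does not match Terraform state files, which end in `.tfstate`; those are already covered by `*.tfstate` and `*.tfstate.*` in the first hunk, so the line is either a typo or redundant. `**/**/.terraform` likewise repeats `.terraform/`.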

- Nullplatform Terraform modules + # Nullplatform Main Terraform Modules
-# General -This repository contains an extensive list of modules used and shared by Nullplatform to simplify the configuration of Nullplatform across your ecosystem. -# Generating modules +This repository contains the **shared Terraform modules** used by Nullplatform to standardize and reuse infrastructure across all projects. -- Create your module folder -- Execute the following command into the module to generate the documentation -- Push and create a PR +--- + +## πŸ“¦ Repository structure + +``` +. +β”œβ”€β”€ modules/ # All reusable Terraform modules +β”‚ β”œβ”€β”€ moduleA/ +β”‚ β”‚ β”œβ”€β”€ main.tf +β”‚ β”‚ β”œβ”€β”€ variables.tf +β”‚ β”‚ β”œβ”€β”€ outputs.tf +β”‚ β”‚ └── README.md +β”‚ β”œβ”€β”€ moduleB/ +β”‚ └── ... +β”œβ”€β”€ .github/ +β”‚ └── workflows/ # CI/CD workflows, validations, etc. +β”œβ”€β”€ .gitignore +└── README.md # This file +``` + +--- + +## πŸš€ How to use the modules + +1. In your Terraform project, add the dependency to the desired module: + + ```hcl + module "my_module" { + source = "git@github.com:nullplatform/main-terraform-modules.git//modules/moduleA" + # or: source = "github.com/nullplatform/main-terraform-modules//modules/moduleA?ref=vX.Y.Z" + + # Module parameters: + var1 = "value1" + var2 = "value2" + # ... + } + ``` + +2. Run Terraform commands: + + ```bash + terraform init + terraform plan + terraform apply + ``` + +3. Check the module *outputs* so you can use them in other resources. + +--- + +## πŸ“„ Module documentation + +Each module inside `modules/` should include its own `README.md` describing: + +- Purpose of the module. +- Variables (`variables.tf`) with descriptions, types, and default values. +- Outputs (`outputs.tf`) with explanations. +- Usage example (small HCL snippet). +- Notes about internal dependencies, restrictions, or compatibility. + +Additionally, you can generate automatic documentation (e.g., using `terraform-docs`) if integrated into your pipeline. 
+ +--- + +## πŸ§ͺ Validations and CI/CD workflows + +In `.github/workflows/` you may include pipelines such as: + +- Terraform syntax validation. +- `terraform fmt` for automatic formatting. +- `terraform validate` for logical checks. +- Automatic documentation generation for modules. + +--- + +## πŸ“Œ Versioning / Releases + +- Use **semantic tags** (`vX.Y.Z`) to version the repository. +- Ideally, modules should keep compatibility across minor versions. Breaking changes should bump the major version. +- The main `README.md` can indicate the recommended (or stable) version. + +--- + +## πŸ› οΈ Best practices + +- Keep each module isolated: one module = one clear responsibility. +- Avoid unnecessary cross-references between modules. +- Clearly document required vs optional variables. +- Tag and version the repository before using it in production. +- Centralize repeated logic in these modules to avoid duplication. + +--- + +## πŸ‘₯ Contributions + +If you want to add or modify a module: + +1. Create a `feature/` or `fix/` branch. +2. Add tests or validations if applicable. +3. Update or generate documentation for the affected module. +4. Open a Pull Request for review. + +--- + +## πŸ”— Useful resources + +- [Terraform Docs](https://www.terraform.io/docs) +- [terraform-docs](https://github.com/terraform-docs/terraform-docs) +- Nullplatform internal manuals (if available) diff --git a/examples/aws/nullplatform-with-infraestructure/README.md b/examples/aws/nullplatform-with-infraestructure/README.md new file mode 100644 index 0000000..75e5084 --- /dev/null +++ b/examples/aws/nullplatform-with-infraestructure/README.md 
@@ -0,0 +1,217 @@ +# Infraestructura Base AWS para Nullplatform + +Este repositorio contiene la configuraciΓ³n de Terraform necesaria para desplegar la infraestructura base en AWS que soporta Nullplatform, incluyendo recursos de red, DNS, Kubernetes y configuraciones de la plataforma. + +## DescripciΓ³n + +El proyecto despliega y configura automΓ‘ticamente: + +### Infraestructura AWS Base +- **VPC**: Red privada virtual con subredes pΓΊblicas y privadas +- **Route53**: Zonas DNS pΓΊblicas y privadas para gestiΓ³n de dominios +- **EKS**: Cluster de Kubernetes gestionado +- **ALB Controller**: Controlador de Application Load Balancer para ingress +- **ACM**: GestiΓ³n de certificados SSL/TLS + +### ConfiguraciΓ³n Nullplatform +- **Providers**: ConfiguraciΓ³n de proveedores de Nullplatform (AWS, GitHub) +- **Users**: GestiΓ³n de usuarios de la plataforma +- **Accounts**: ConfiguraciΓ³n de cuentas +- **Agent**: Agente de Nullplatform desplegado en EKS +- **Base Chart**: Helm chart base con configuraciones fundamentales +- **Prometheus**: Stack de monitoreo y mΓ©tricas + +## Requisitos Previos + +- Terraform ~> v1.12.2 +- OpenTofu ~> v1.10.6 +- Cuenta de AWS con permisos administrativos +- API Key de Nullplatform +- GitHub Organization configurada + +## MΓ³dulos Principales + +### 1. Foundations (AWS) +``` +β”œβ”€β”€ VPC +β”œβ”€β”€ Route53 +β”œβ”€β”€ ACM +β”œβ”€β”€ EKS +└── ALB Controller +``` + +### 2. 
Nullplatform Configuration +``` +β”œβ”€β”€ Providers +β”œβ”€β”€ Users +β”œβ”€β”€ Accounts +β”œβ”€β”€ Agent +β”œβ”€β”€ Base Chart +└── Prometheus +``` + +## Variables Requeridas + +### AWS & Networking +- `account`: Identificador de cuenta +- `organization`: Nombre de la organizaciΓ³n +- `vpc`: ConfiguraciΓ³n de VPC +- `domain_name`: Dominio para Route53 +- `eks_cluster_name`: Nombre del cluster EKS +- `certificate_arn`: ARN del certificado ACM + +### Nullplatform +- `nrn`: Nullplatform Resource Name +- `api_key`: API Key de Nullplatform +- `environment`: Entorno (dev, staging, prod) +- `nullplatform_users`: Lista de usuarios +- `nullplatform_accounts`: Lista de cuentas +- `tags`: Tags para el agente +- `environment_tags`: tags para el channel +- `agent_repos_extra`: Repositorios adicionales para el agente + +### GitHub +- `github_organization`: OrganizaciΓ³n de GitHub +- `github_organization_installation_id`: ID de instalaciΓ³n de GitHub App + +## Uso + +### 1. Clonar el repositorio +```bash +git clone +cd +``` + +### 2. Configurar variables +Crear un archivo `terraform.tfvars`: +```hcl +account = "my-account" +organization = "my-org" +domain_name = "example.com" +eks_cluster_name = "nullplatform-cluster" +certificate_arn = "arn:aws:acm:..." +nrn = "nrn:..." +api_key = "np_..." +environment = "production" + +github_organization = "my-github-org" +github_organization_installation_id = "12345678" + +# Usuarios y cuentas +nullplatform_users = {} +nullplatform_accounts = {} +``` + +### 3. Inicializar Terraform +```bash +terraform init +``` + +### 4. Revisar el plan +```bash +terraform plan +``` + +### 5. 
Aplicar la configuraciΓ³n +```bash +terraform apply +``` + +## Arquitectura + +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ AWS Cloud β”‚ +β”‚ β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ VPC β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ +β”‚ β”‚ β”‚ Public β”‚ β”‚ Private β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ Subnets β”‚ β”‚ Subnets β”‚ β”‚ β”‚ +β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ EKS Cluster β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ | +β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ ALB Controller β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ Nullplatform β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ Agent - Base β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ Prometheus β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ +β”‚ β”‚ β”‚ ALB β”‚ β”‚ β”‚ +β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ +β”‚ 
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ Route53 (DNS) β”‚ β”‚ +β”‚ β”‚ β€’ Public Zone β”‚ β”‚ +β”‚ β”‚ β€’ Private Zone β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +## Orden de Despliegue + +El cΓ³digo estΓ‘ estructurado para respetar las dependencias: + +1. **VPC** β†’ Crea la red base +2. **Route53** β†’ Configura DNS (requiere VPC) +3. **ACM** -> Crea y valida el TLS/SSL +3. **EKS** β†’ Despliega cluster Kubernetes (requiere VPC) +4. **ALB Controller** β†’ Instala controlador (requiere EKS) +5. **Nullplatform Config** β†’ Configura providers (requiere Route53) +6. **Nullplatform Resources** β†’ Crea usuarios y cuentas +7. **Nullplatform Agent** β†’ Despliega agente (requiere EKS) +8. **Base Chart** β†’ Instala configuraciones base (requiere EKS) +9. **Prometheus** β†’ Despliega monitoreo (requiere EKS) + +## Outputs + +Los mΓ³dulos generan outputs ΓΊtiles como: +- VPC ID +- Subnet IDs +- EKS Cluster endpoint +- Route53 Zone IDs +- OIDC Provider ARN + +## Limpieza + +Para destruir toda la infraestructura: +```bash +terraform destroy +``` + +⚠️ **Advertencia**: Esto eliminarΓ‘ todos los recursos creados. AsegΓΊrate de hacer backups si es necesario. 
+
+## Troubleshooting
+
+### Error al crear EKS
+- Verificar que las subredes privadas tengan acceso a internet (NAT Gateway)
+- Confirmar que los security groups permitan el trΓ‘fico necesario
+
+### ALB Controller no despliega
+- Verificar que el OIDC provider estΓ© configurado correctamente
+- Revisar los logs del pod del controller
+
+### Prometheus no recolecta mΓ©tricas
+- Confirmar que el agente de Nullplatform estΓ© ejecutΓ‘ndose
+- Verificar la configuraciΓ³n de ServiceMonitors
+
+## Soporte
+
+Para mΓ‘s informaciΓ³n sobre los mΓ³dulos, visita:
+- [Nullplatform Terraform Modules](https://github.com/nullplatform/main-terraform-modules)
+- [DocumentaciΓ³n de Nullplatform](https://docs.nullplatform.com)
+
+## Licencia
+
+[Especificar licencia del proyecto]
\ No newline at end of file
diff --git a/examples/aws/nullplatform-with-infraestructure/backend.tf b/examples/aws/nullplatform-with-infraestructure/backend.tf
new file mode 100644
index 0000000..7787092
--- /dev/null
+++ b/examples/aws/nullplatform-with-infraestructure/backend.tf
@@ -0,0 +1,8 @@
+# terraform {
+# backend "s3" {
+# bucket = "tf-state-8c73135a5572b70b"
+# key = "terraform.tfstate"
+# region = "us-east-1"
+# encrypt = true
+# }
+# }
diff --git a/examples/aws/nullplatform-with-infraestructure/main.tf b/examples/aws/nullplatform-with-infraestructure/main.tf
new file mode 100644
index 0000000..73cc1c7
--- /dev/null
+++ b/examples/aws/nullplatform-with-infraestructure/main.tf
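Review bot: The commented-out backend in `backend.tf` names what looks like a concrete bucket, `tf-state-8c73135a5572b70b`, and the identical block is repeated in `nullplatform-without-infraestructure/backend.tf`; an example should carry a placeholder such as `# bucket = "<your-state-bucket>"`. As shipped the backend is disabled, so anyone following the README keeps state in a local file, and that state can contain whatever the modules store from `var.api_key`. A short comment stating that a remote, encrypted backend is expected before real use would help. When the block is enabled it also has no state locking; `use_lockfile = true` (or a `dynamodb_table`) would add it.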
@@ -0,0 +1,117 @@
+###############################################################################
+# VPC Config
+################################################################################
+module "foundations_vpc" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/foundations/aws/vpc?ref=v2"
+ account = var.account
+ organization = var.organization
+ vpc = var.vpc
+}
+
+################################################################################
+# Route53 Config
+################################################################################
+module "foundations_route53" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/foundations/aws/route53?ref=v2"
+
+ domain_name = var.domain_name
+ vpc_id = module.foundations_vpc.vpc_id
+}
+
+################################################################################
+# EKS Config
+################################################################################
+module "foundations_eks" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/foundations/aws/eks?ref=v2"
+
+ name = var.eks_cluster_name
+ aws_subnets_private_ids = module.foundations_vpc.private_subnets
+ aws_vpc_vpc_id = module.foundations_vpc.vpc_id
+}
+
+################################################################################
+# ALB-Controller Config
+################################################################################
+module "foundations_alb_controller" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/foundations/aws/alb-controller?ref=v2"
+
+ cluster_name = module.foundations_eks.eks_cluster_name
+ vpc_id = module.foundations_vpc.vpc_id
+
+ depends_on = [module.foundations_eks]
+ aws_iam_openid_connect_provider = module.foundations_eks.eks_oidc_provider_arn
+}
+
+
+################################################################################
+# Platform Config
+################################################################################
+module "nullplatform_configuration" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/aws/nullplatform_providers?ref=v2"
+
+ domain_name = var.domain_name
+ environment = var.environment
+ hosted_private_zone_id = module.foundations_route53.private_zone_id
+ hosted_public_zone_id = module.foundations_route53.public_zone_id
+ nrn = var.nrn
+ organization = var.github_organization
+ organization_installation_id = var.github_organization_installation_id
+ certificate_arn = var.certificate_arn
+ np_api_key = var.api_key
+
+}
+
+################################################################################
+# Users Config
+################################################################################
+module "nullplatform_user" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/nullplatform_users?ref=v2"
+ np_api_key = var.api_key
+ nullplatform_users = var.nullplatform_users
+}
+
+################################################################################
+# Acount Config
+################################################################################
+module "nullplatform_account" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/nullplatform_account?ref=v2"
+ np_api_key = var.api_key
+ nullplatform_accounts = var.nullplatform_accounts
+}
+
+
+################################################################################
+# Nullplatform Agent Helm Chart Configuration
+################################################################################
+
+module "nullplatform_agent" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/aws/nullplatform_agent?ref=v2"
+ cluster_name = module.foundations_eks.eks_cluster_name
+ tags = var.tags
+ nrn = var.nrn
+ agent_repos_extra = var.agent_repos_extra
+ environment_tag = var.environment_tags
+ np_api_key = var.api_key
+ aws_iam_openid_connect_provider_arn = module.foundations_eks.eks_oidc_provider_arn
+}
+
+################################################################################
+# Nullplatform Base Helm Chart Configuration
+################################################################################
+
+module "nullplatform_base_chart" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/nullplatform_base?ref=v2"
+ nrn = var.nrn
+
+ depends_on = [module.foundations_eks]
+}
+
+################################################################################
+# Prometheus Configuration
+################################################################################
+
+module "nullplatform_prometheus" {
+ source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/workload/prometheus?ref=v2"
+ cluster_name = module.foundations_eks.eks_cluster_name
+ nrn = var.nrn
+}
\ No newline at end of file
diff --git a/examples/aws/nullplatform-with-infraestructure/providers.tf b/examples/aws/nullplatform-with-infraestructure/providers.tf
new file mode 100644
index 0000000..5a3431d
--- /dev/null
+++ b/examples/aws/nullplatform-with-infraestructure/providers.tf
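Review bot: Every module `source` in `main.tf` ends in `?ref=v2`, which reads like a branch or a moving major tag rather than an immutable release, so the code that `terraform init` downloads can change without any change to this example. These modules are handed `var.api_key` and run against the EKS cluster, so the reference is worth pinning to a release tag or commit, e.g. `source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/foundations/aws/vpc?ref=<release-tag-or-commit-sha>"`. Separately, `nullplatform_base_chart` carries an explicit `depends_on = [module.foundations_eks]` while it takes no input from that module; a one-line comment on the block saying that the chart needs the cluster to exist would explain why it is there.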
@@ -0,0 +1,42 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+ }
+}
+
+provider "nullplatform" {
+ api_key = var.api_key
+}
+
+provider "kubernetes" {
+ host = module.foundations_eks.eks_cluster_endpoint
+ cluster_ca_certificate = base64decode(module.foundations_eks.eks_cluster_ca)
+ exec {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ args = [
+ "--profile", "providers-test",
+ "eks", "get-token",
+ "--cluster-name", module.foundations_eks.eks_cluster_name
+ ]
+ }
+}
+
+provider "helm" {
+ kubernetes = {
+ host = module.foundations_eks.eks_cluster_endpoint
+ cluster_ca_certificate = base64decode(module.foundations_eks.eks_cluster_ca)
+ exec = {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ args = [
+ "--profile", "providers-test",
+ "eks", "get-token",
+ "--cluster-name", module.foundations_eks.eks_cluster_name
+ ]
+ }
+ }
+}
\ No newline at end of file
diff --git a/examples/aws/nullplatform-with-infraestructure/variables.tf b/examples/aws/nullplatform-with-infraestructure/variables.tf
new file mode 100644
index 0000000..3c88bb6
--- /dev/null
+++ b/examples/aws/nullplatform-with-infraestructure/variables.tf
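Review bot: Only `nullplatform` is listed in `required_providers` in `providers.tf`; `kubernetes` and `helm` are configured with no source or version constraint, and there is no `required_version`, so init picks the newest release of each. The `kubernetes = { ... }` / `exec = { ... }` attribute form in the `helm` block is only accepted by helm provider releases that use that syntax, which makes the missing constraint a practical problem as well as a supply-chain one. Adding constrained entries, e.g. `helm = { source = "hashicorp/helm", version = "<constraint>" }` and the same for `hashicorp/kubernetes`, makes the example resolve the same plugins each time. Both `exec` argument lists also hard-code `"--profile", "providers-test"`, which only works on a machine that has that AWS profile; reading it from a variable, or dropping the pair so the default credential chain applies, would make the example portable.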
@@ -0,0 +1,118 @@
+#######################################
+# Variables de cuenta / organizaciΓ³n
+#######################################
+variable "account" {
+ description = "Nombre o alias de la cuenta"
+ type = string
+}
+
+variable "organization" {
+ description = "OrganizaciΓ³n de AWS u otro scope"
+ type = string
+}
+
+variable "environment" {
+ description = "Nombre del entorno (dev, staging, prod, etc.)"
+ type = string
+ default = ""
+}
+
+#######################################
+# VPC
+#######################################
+variable "vpc" {
+ description = "ConfiguraciΓ³n de la VPC"
+ type = object({
+ cidr_block = string
+ azs = list(string)
+ private_subnets = list(string)
+ public_subnets = list(string)
+ })
+}
+
+#######################################
+# Route53 / dominios
+#######################################
+variable "domain_name" {
+ description = "Dominio raΓ­z para el entorno"
+ type = string
+}
+
+#######################################
+# EKS
+#######################################
+variable "eks_cluster_name" {
+ description = "Nombre del cluster EKS"
+ type = string
+}
+
+#######################################
+# Nullplatform configuration
+#######################################
+variable "nrn" {
+ description = "ID ΓΊnico de nullplatform (organization y account)"
+ type = string
+}
+
+variable "github_organization" {
+ description = "OrganizaciΓ³n de GitHub asociada"
+ type = string
+}
+
+variable "github_organization_installation_id" {
+ description = "Installation ID de la GitHub App"
+ type = string
+}
+
+variable "certificate_arn" {
+ description = "ARN del certificado SSL/TLS de ACM"
+ type = string
+}
+
+variable "api_key" {
+ description = "API Key de Nullplatform"
+ type = string
+ sensitive = true
+}
+
+#######################################
+# Tags
+#######################################
+variable "tags" {
+ description = "Etiquetas adicionales en formato clave:valor"
+ type = string
+}
+
+variable "agent_repos_extra" {
+ description = "Repositorios adicionales para el agente"
+ type = list(string)
+ default = []
+}
+
+variable "environment_tags" {
+ description = "Etiquetas especΓ­ficas del entorno"
+ type = string
+}
+
+#######################################
+# Prometheus / monitoring
+#######################################
+# Se aprovechan las variables eks_cluster_name y nrn
+
+
+variable "nullplatform_users" {
+ type = map(object({
+ email = string
+ first_name = string
+ last_name = string
+ }))
+}
+
+variable "nullplatform_accounts" {
+ type = map(object({
+ name = string
+ repository_prefix = string
+ repository_provider = string
+ slug = string
+ }))
+}
\ No newline at end of file
diff --git a/examples/aws/nullplatform-without-infraestructure/README.md b/examples/aws/nullplatform-without-infraestructure/README.md
new file mode 100644
index 0000000..11528df
--- /dev/null
+++ b/examples/aws/nullplatform-without-infraestructure/README.md
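Review bot: `nullplatform_users` and `nullplatform_accounts`, at the end of `variables.tf`, are the only variables without a `description`, and they are the two with the least obvious shape; each should get one stating what the map key represents and which fields are mandatory. `environment` is declared with `default = ""` although the README in this directory lists it under required variables and `main.tf` passes it straight to `nullplatform_configuration`, so a forgotten value goes through as an empty string; dropping the `default = ""` line would surface the omission at plan time. `tags` and `environment_tags` are typed `string` with a "clave:valor" description, and a short example of the expected format inside the description would remove the guesswork.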
@@ -0,0 +1,436 @@ +# Nullplatform sobre Infraestructura AWS Existente + +Este repositorio contiene la configuraciΓ³n de Iac para desplegar Nullplatform sobre una infraestructura AWS existente. Asume que ya cuentas con VPC, Route53, EKS y ALB Controller configurados. + +## DescripciΓ³n + +El proyecto configura y despliega ΓΊnicamente los componentes de Nullplatform: + +### ConfiguraciΓ³n de Nullplatform +- **Providers**: IntegraciΓ³n con AWS y GitHub +- **Users**: GestiΓ³n de usuarios de la plataforma +- **Accounts**: ConfiguraciΓ³n de cuentas +- **Agent**: Agente de Nullplatform desplegado en el cluster EKS existente +- **Base Chart**: Helm chart base con configuraciones de logs y mΓ©tricas +- **Prometheus**: Stack de monitoreo y recolecciΓ³n de mΓ©tricas + +## Requisitos Previos + +### Infraestructura AWS Existente +- βœ… VPC con subredes pΓΊblicas y privadas +- βœ… Route53 con zonas DNS pΓΊblicas y privadas configuradas +- βœ… Cluster EKS funcional y accesible con OIDC habilitado +- βœ… ALB Controller instalado en el cluster +- βœ… Certificado ACM creado y disponible + +### Credenciales y Accesos +- Terraform ~> v1.12.2 +- OpenTofu ~> v1.10.6 +- `kubectl` configurado para acceder al cluster EKS +- API Key de Nullplatform (generada a nivel OrganizaciΓ³n y con roles Ops, SecOps, SecretReader) +- GitHub Organization con la App instalada (https://docs.nullplatform.com/docs/providers/tutorials/configuring-github#record-your-installation-id) +- Permisos IAM para crear roles y polΓ­ticas + +## Estructura del Proyecto + +``` +. 
+β”œβ”€β”€ main.tf # ConfiguraciΓ³n principal de mΓ³dulos +β”œβ”€β”€ variables.tf # DefiniciΓ³n de variables +β”œβ”€β”€ terraform.tfvars # Valores de variables (no versionar) +β”œβ”€β”€ data.tf # Data sources para recursos existentes +└── README.md # Este archivo +``` + +## Variables Requeridas + +### Infraestructura AWS Existente +```hcl +# Cluster EKS +eks_cluster_name = "nombre-del-cluster-existente" + +# DNS +domain_name = "example.com" +hosted_private_zone_id = "Z1234567890ABC" # ID de la zona privada existente +hosted_public_zone_id = "Z0987654321XYZ" # ID de la zona pΓΊblica existente + +# Certificados +certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/..." +``` + +### Nullplatform +```hcl +# ConfiguraciΓ³n general +nrn = "nrn:organization:account:scope:..." +api_key = "np_..." +environment = "production" # o "staging", "development" + +# GitHub +github_organization = "mi-organizacion" +github_organization_installation_id = "12345678" + +# Usuarios +nullplatform_users = { + admin = { + email = "admin@example.com" + first_name = "admin" + last_name = "admin" + } +} + +# Cuentas +nullplatform_accounts = { + main = { + name = "main", + repository_prefix = "main", + repository_provider = optional(string, "github") + slug = "main" + } +} +# tags para el agente +tags = "environment:providers-test" + +# Tags to channel +environment_tags = "providers-test" + +agent_repos_extra = [] +``` + +## Data Sources Necesarios + +En el archivo `data.tf` ecnontraras la informacion para referenciar recursos existentes: + +```hcl +# Obtener informaciΓ³n del cluster EKS existente +data "aws_eks_cluster" "this" { + name = var.eks_cluster_name +} + +data "aws_iam_openid_connect_provider" "this" { + url = data.aws_eks_cluster.this.identity[0].oidc[0].issuer +} + +## Opcionales +# Obtener informaciΓ³n de la VPC +data "aws_vpc" "this" { + filter { + name = "tag:Name" + values = ["nombre-de-tu-vpc"] # Ajustar segΓΊn tu VPC + } +} + +# Obtener zonas DNS (opcional, si no 
usas variables) +data "aws_route53_zone" "private" { + zone_id = var.hosted_private_zone_id + private_zone = true +} + +data "aws_route53_zone" "public" { + zone_id = var.hosted_public_zone_id +} +``` + +## ConfiguraciΓ³n del Provider + +En el archivo `providers.tf` encontraras la configuracion para usar los diferentes providers requeridos en la instalacion + +```hcl +terraform { + required_version = "~> 1.0" + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = "~> 0.0.63" + } + } + provider "nullplatform" { + api_key = var.api_key +} + + +} + +# Provider de Kubernetes y helm usando el cluster EKS existente +provider "kubernetes" { + host = data.aws_eks_cluster.this.endpoint + cluster_ca_certificate = base64decode(data.aws_eks_cluster.this.certificate_authority[0].data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + command = "aws" + args = [ + "--profile", "providers-test", + "eks", "get-token", + "--cluster-name", var.eks_cluster_name + ] + } +} + +provider "helm" { + kubernetes = { + host = data.aws_eks_cluster.this.endpoint + cluster_ca_certificate = base64decode(data.aws_eks_cluster.this.certificate_authority[0].data) + exec = { + api_version = "client.authentication.k8s.io/v1beta1" + command = "aws" + args = [ + "--profile", "providers-test", + "eks", "get-token", + "--cluster-name", var.eks_cluster_name + ] + } + } +} +``` + +## GuΓ­a de Uso + +### 1. Verificar Prerequisitos + +AsegΓΊrate de tener acceso al cluster: +```bash +aws eks update-kubeconfig --name --region +kubectl get nodes +``` + +Verifica que el ALB Controller estΓ© funcionando: +```bash +kubectl get deployment -n kube-system aws-load-balancer-controller +``` + +### 2. 
Configurar Variables + +Crea un archivo `terraform.tfvars`: +```hcl +# AWS Infrastructure (existente) +eks_cluster_name = "my-existing-cluster" +domain_name = "example.com" +hosted_private_zone_id = "Z1234567890ABC" +hosted_public_zone_id = "Z0987654321XYZ" +certificate_arn = "arn:aws:acm:..." + +# Nullplatform +nrn = "nrn:..." +api_key = "np_..." +environment = "production" + +# GitHub +github_organization = "my-org" +github_organization_installation_id = "12345678" + +# Users & Accounts +nullplatform_users = { + admin = { + email = "admin@example.com" + first_name = "admin" + last_name = "admin" + } +} + +nullplatform_accounts = { + main = { + name = "main", + repository_prefix = "main", + repository_provider = optional(string, "github") + slug = "main" + } +} +``` + +### 3. Inicializar y Desplegar + +```bash +# Inicializar Terraform +terraform init + +# Revisar el plan +terraform plan + +# Aplicar la configuraciΓ³n +terraform apply +``` + +### 4. Verificar el Despliegue + +```bash +# Verificar que el agente estΓ© corriendo +kubectl get pods -n nullplatform-system + +# Verificar Prometheus +kubectl get pods -n monitoring + +# Verificar los servicios +kubectl get svc --all-namespaces +``` + +## Componentes Desplegados + +### 1. Nullplatform Providers +Configura la integraciΓ³n entre Nullplatform y tus proveedores: +- AWS (usando las zonas DNS y certificados existentes) +- GitHub (como repositorio de las aplicaciones) + +### 2. Usuarios y Cuentas +Gestiona el acceso y las cuentas dentro de Nullplatform. + +### 3. Nullplatform Agent +Agente desplegado en el cluster EKS que: +- Gestiona deployments +- Sincroniza estado con Nullplatform +- Maneja secrets y configuraciones +- Se comunica con la API de Nullplatform + +### 4. Base Chart +Helm chart con configuraciones fundamentales: +- Logs & Metricas + +### 5. 
Prometheus Stack +Stack de monitoreo que incluye: +- Prometheus server +- Service monitors +- Alert managers + +## Arquitectura + +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ Infraestructura AWS Existente β”‚ +β”‚ β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ VPC (existente) β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ +β”‚ β”‚ β”‚ Cluster EKS (existente) β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ Nullplatform Agent β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β€’ Deployment Manager β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β€’ State Sync β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ Base Chart β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β€’ Logs β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β€’ MΓ©tricas β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ Prometheus β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β€’ Metrics Collection β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β€’ Monitoring β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ +β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ +β”‚ β”‚ β”‚ 
β”‚ +β”‚ β”‚ ALB Controller (existente) β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ β”‚ +β”‚ Route53 DNS (existente) β”‚ +β”‚ ACM Certificate (existente) β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + β”‚ + β”‚ API Calls + β–Ό + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” + β”‚ Nullplatform API β”‚ + β”‚ β€’ Configuration β”‚ + β”‚ β€’ State Management β”‚ + β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +## Permisos IAM Requeridos + +El agente de Nullplatform necesitarΓ‘ permisos IAM. El mΓ³dulo crearΓ‘ automΓ‘ticamente: +- IAM Role para el Service Account +- PolΓ­ticas necesarias para interactuar con AWS +- Binding con el OIDC provider del cluster + +Permisos tΓ­picos requeridos: +- Route53 (gestiΓ³n de DNS) +- ECR (pull de imΓ‘genes) +- Secrets Manager (gestiΓ³n de secrets) +- CloudWatch (logs y mΓ©tricas) + +## Troubleshooting + +### El agente no inicia +```bash +# Ver logs del agente +kubectl logs -n nullplatform-system -l app=nullplatform-agent + +# Verificar el service account +kubectl get serviceaccount -n nullplatform-system + +# Verificar el IAM role +kubectl describe serviceaccount -n nullplatform-system nullplatform-agent +``` + +### Problemas con OIDC Provider +```bash +# Verificar que el OIDC provider existe +aws iam list-open-id-connect-providers + +# Verificar la URL del OIDC +aws eks describe-cluster --name --query "cluster.identity.oidc.issuer" +``` + +### Prometheus no recolecta mΓ©tricas +```bash +# Verificar los service monitors +kubectl get servicemonitor -n monitoring + +# Ver logs de Prometheus +kubectl logs -n monitoring -l app=prometheus + +# Verificar los targets +kubectl port-forward -n monitoring svc/prometheus 
9090:9090 +# Abrir http://localhost:9090/targets +``` + +### Problemas de conectividad +```bash +# Verificar network policies +kubectl get networkpolicies --all-namespaces + +# Verificar que los pods pueden comunicarse +kubectl run -it --rm debug --image=busybox --restart=Never -- sh +``` + +## ActualizaciΓ³n de Componentes + +Para actualizar los charts de Nullplatform: + +```bash +# Actualizar un mΓ³dulo especΓ­fico +terraform apply -target=module.nullplatform_agent + +# Actualizar todos los charts +terraform apply +``` + +## Limpieza + +Para eliminar ΓΊnicamente los componentes de Nullplatform: + +```bash +terraform destroy +``` + +⚠️ **Nota**: Esto NO eliminarΓ‘ tu infraestructura AWS existente (VPC, EKS, Route53, etc.) + +## MigraciΓ³n desde Infraestructura Completa + +Si anteriormente desplegabas todo con Terraform, para migrar: + +1. Exporta los IDs de recursos existentes +2. Actualiza `terraform.tfvars` con los valores +3. Comenta los mΓ³dulos de infraestructura en `main.tf` +4. Ejecuta `terraform init` y `terraform plan` + +## Monitoreo y Observabilidad + +Una vez desplegado, puedes acceder a: + +### Prometheus UI +```bash +kubectl port-forward -n monitoring svc/prometheus-server 9090:80 +# Abrir http://localhost:9090 +``` diff --git a/examples/aws/nullplatform-without-infraestructure/backend.tf b/examples/aws/nullplatform-without-infraestructure/backend.tf new file mode 100644 index 0000000..7787092 --- /dev/null +++ b/examples/aws/nullplatform-without-infraestructure/backend.tf @@ -0,0 +1,8 @@ +# terraform { +# backend "s3" { +# bucket = "tf-state-8c73135a5572b70b" +# key = "terraform.tfstate" +# region = "us-east-1" +# encrypt = true +# } +# } diff --git a/examples/aws/nullplatform-without-infraestructure/data.tf b/examples/aws/nullplatform-without-infraestructure/data.tf new file mode 100644 index 0000000..51d0292 --- /dev/null +++ b/examples/aws/nullplatform-without-infraestructure/data.tf 
@@ -0,0 +1,7 @@ +data "aws_eks_cluster" "this" { + name = var.eks_cluster_name +} + +data "aws_iam_openid_connect_provider" "this" { + url = data.aws_eks_cluster.this.identity[0].oidc[0].issuer +} \ No newline at end of file diff --git a/examples/aws/nullplatform-without-infraestructure/main.tf b/examples/aws/nullplatform-without-infraestructure/main.tf new file mode 100644 index 0000000..1b78ba7 --- /dev/null +++ b/examples/aws/nullplatform-without-infraestructure/main.tf 
@@ -0,0 +1,69 @@ +################################################################################ +# Platform Config +################################################################################ +module "nullplatform_configuration" { + source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/aws/nullplatform_providers?ref=v2" + + domain_name = var.domain_name + environment = var.environment + hosted_private_zone_id = var.hosted_private_zone_id + hosted_public_zone_id = var.hosted_public_zone_id + nrn = var.nrn + organization = var.github_organization + organization_installation_id = var.github_organization_installation_id + certificate_arn = var.certificate_arn + np_api_key = var.api_key +} + +################################################################################ +# Users Config +################################################################################ +module "nullplatform_user" { + source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/nullplatform_users?ref=v2" + np_api_key = var.api_key + nullplatform_users = var.nullplatform_users +} + +################################################################################ +# Acount Config +################################################################################ +module "nullplatform_account" { + source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/nullplatform_account?ref=v2" + np_api_key = var.api_key + nullplatform_accounts = var.nullplatform_accounts +} + + +################################################################################ +# Nullplatform Agent Helm Chart Configuration +################################################################################ + +module "nullplatform_agent" { + source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/aws/nullplatform_agent?ref=v2" + cluster_name = var.eks_cluster_name + tags = var.tags + 
nrn = var.nrn + agent_repos_extra = var.agent_repos_extra + environment_tag = var.environment_tags + np_api_key = var.api_key + aws_iam_openid_connect_provider_arn = data.aws_iam_openid_connect_provider.this.arn +} + +################################################################################ +# Nullplatform Base Helm Chart Configuration +################################################################################ + +module "nullplatform_base_chart" { + source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/nullplatform/nullplatform_base?ref=v2" + nrn = var.nrn +} + +################################################################################ +# Prometheus Configuration +################################################################################ + +module "nullplatform_prometheus" { + source = "git::https://github.com/nullplatform/main-terraform-modules.git//v2/workload/prometheus?ref=v2" + cluster_name = var.eks_cluster_name + nrn = var.nrn +} \ No newline at end of file diff --git a/examples/aws/nullplatform-without-infraestructure/providers.tf b/examples/aws/nullplatform-without-infraestructure/providers.tf new file mode 100644 index 0000000..56aa164 --- /dev/null +++ b/examples/aws/nullplatform-without-infraestructure/providers.tf 
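Review bot: Every `module` source in this file ends in `?ref=v2`, which reads like a branch or a movable major-version tag, so a later `terraform init` can fetch different module code than what was reviewed. That code receives `var.api_key` and runs with the cluster credentials configured in providers.tf. Pinning each source to a full commit, e.g. `?ref=<COMMIT_SHA>` (placeholder), makes the executed code reproducible. If `v2` is in fact an immutable tag, a one-line comment above the first module saying so would be enough.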
@@ -0,0 +1,40 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+ }
+}
+
+provider "nullplatform" {
+ api_key = var.api_key
+}
+
+provider "kubernetes" {
+ host = data.aws_eks_cluster.this.endpoint
+ cluster_ca_certificate = base64decode(data.aws_eks_cluster.this.certificate_authority[0].data)
+ exec {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ args = [
+ "eks", "get-token",
+ "--cluster-name", var.eks_cluster_name
+ ]
+ }
+}
+
+provider "helm" {
+ kubernetes = {
+ host = data.aws_eks_cluster.this.endpoint
+ cluster_ca_certificate = base64decode(data.aws_eks_cluster.this.certificate_authority[0].data)
+ exec = {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ args = [
+ "eks", "get-token",
+ "--cluster-name", var.eks_cluster_name
+ ]
+ }
+ }
+}
\ No newline at end of file
diff --git a/examples/aws/nullplatform-without-infraestructure/variables.tf b/examples/aws/nullplatform-without-infraestructure/variables.tf
new file mode 100644
index 0000000..3d42e1e
--- /dev/null
+++ b/examples/aws/nullplatform-without-infraestructure/variables.tf
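Review bot: `required_providers` constrains only `nullplatform`, although this file also configures `kubernetes` and `helm` and data.tf reads `aws` data sources, so those three resolve to whatever is newest at init time. The `kubernetes = { ... }` / `exec = { ... }` attribute form inside `provider "helm"` is, as far as I know, the 3.x syntax, so an unconstrained helm provider can also fail to parse this block. I would add entries matching what infrastructure/aws/alb-controller/providers.tf declares, e.g. `helm = { source = "hashicorp/helm", version = "~> 3.0" }` and `aws = { source = "hashicorp/aws", version = "~> 6.0" }`, plus a `kubernetes` entry.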
@@ -0,0 +1,121 @@ +####################################### +# Variables de cuenta / organizaciΓ³n +####################################### +variable "account" { + description = "Nombre o alias de la cuenta" + type = string +} + +variable "organization" { + description = "OrganizaciΓ³n de AWS u otro scope" + type = string +} + +variable "environment" { + description = "Nombre del entorno (dev, staging, prod, etc.)" + type = string + default = "" +} + +####################################### +# VPC +####################################### +variable "vpc" { + description = "ConfiguraciΓ³n de la VPC" + type = object({ + cidr_block = string + azs = list(string) + private_subnets = list(string) + public_subnets = list(string) + }) +} + +####################################### +# Route53 / dominios +####################################### +variable "domain_name" { + description = "Dominio raΓ­z para el entorno" + type = string +} + +variable "hosted_public_zone_id" {} +variable "hosted_private_zone_id" {} + +####################################### +# EKS +####################################### +variable "eks_cluster_name" { + description = "Nombre del cluster EKS" + type = string +} + +####################################### +# Nullplatform configuration +####################################### +variable "nrn" { + description = "ID ΓΊnico de nullplatform (organization y account)" + type = string +} + +variable "github_organization" { + description = "OrganizaciΓ³n de GitHub asociada" + type = string +} + +variable "github_organization_installation_id" { + description = "Installation ID de la GitHub App" + type = string +} + +variable "certificate_arn" { + description = "ARN del certificado SSL/TLS de ACM" + type = string +} + +variable "api_key" { + description = "API Key de Nullplatform" + type = string + sensitive = true +} + +####################################### +# Tags +####################################### +variable "tags" { + description = "Etiquetas 
adicionales en formato clave:valor" + type = string +} + +variable "agent_repos_extra" { + description = "Repositorios adicionales para el agente" + type = list(string) + default = [] +} + +variable "environment_tags" { + description = "Etiquetas especΓ­ficas del entorno" + type = string +} + +####################################### +# Prometheus / monitoring +####################################### +# Se aprovechan las variables eks_cluster_name y nrn + + +variable "nullplatform_users" { + type = map(object({ + email = string + first_name = string + last_name = string + })) +} + +variable "nullplatform_accounts" { + type = map(object({ + name = string + repository_prefix = string + repository_provider = string + slug = string + })) +} \ No newline at end of file diff --git a/modules/aws/acm/main.tf b/infrastructure/aws/acm/main.tf similarity index 78% rename from modules/aws/acm/main.tf rename to infrastructure/aws/acm/main.tf index 920c701..862d67f 100644 --- a/modules/aws/acm/main.tf +++ b/infrastructure/aws/acm/main.tf @@ -3,22 +3,13 @@ resource "aws_acm_certificate" "cert" { domain_name = "*.${var.domain_name}" validation_method = "DNS" - subject_alternative_names = [ - "*.${var.account}.${var.domain_name}" - ] + subject_alternative_names = var.subject_alternative_names lifecycle { create_before_destroy = true } - - tags = { - organization = var.organization - account = var.account - name = "${var.domain_name} Certificate" - } } -# DNS validation records resource "aws_route53_record" "cert_validation" { provider = aws for_each = { @@ -39,4 +30,4 @@ resource "aws_acm_certificate_validation" "cert_validation" { provider = aws certificate_arn = aws_acm_certificate.cert.arn validation_record_fqdns = [for record in aws_route53_record.cert_validation : record.fqdn] -} +} \ No newline at end of file 
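Review bot: In the example's variables.tf, `account`, `organization` and `vpc` are declared without defaults but nothing in this example's main.tf references them, so `terraform plan` will prompt for values, including a full VPC object, that the "without infrastructure" example never uses. `tags` and `environment_tags` are also required yet absent from the README's sample `terraform.tfvars`. I would delete the three unused variables and either give the two tag variables a default or add them to the sample. `hosted_public_zone_id` and `hosted_private_zone_id` would also benefit from `type = string` and a description, like the variables around them.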
diff --git a/modules/aws/acm/output.tf b/infrastructure/aws/acm/output.tf similarity index 99% rename from modules/aws/acm/output.tf rename to infrastructure/aws/acm/output.tf index 2824778..461f61b 100644 --- a/modules/aws/acm/output.tf +++ b/infrastructure/aws/acm/output.tf @@ -6,4 +6,4 @@ output "acm_certificate_arn" { output "acm_certificate_domain_name" { description = "The domain name for which the ACM certificate is issued" value = aws_acm_certificate.cert.domain_name -} +} \ No newline at end of file diff --git a/infrastructure/aws/acm/providers.tf b/infrastructure/aws/acm/providers.tf new file mode 100644 index 0000000..8b01857 --- /dev/null +++ b/infrastructure/aws/acm/providers.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 6.0" + } + } +} \ No newline at end of file diff --git a/infrastructure/aws/acm/variables.tf b/infrastructure/aws/acm/variables.tf new file mode 100644 index 0000000..7d29adf --- /dev/null +++ b/infrastructure/aws/acm/variables.tf @@ -0,0 +1,14 @@ +variable "zone_id" { + description = "Route53 Zone ID where certificate will be validated" + type = string +} + +variable "domain_name" { + type = string +} + +variable "subject_alternative_names" { + type = list(string) + description = "Alternative DNS to add" + default = [] +} \ No newline at end of file diff --git a/infrastructure/aws/alb-controller/iam.tf b/infrastructure/aws/alb-controller/iam.tf new file mode 100644 index 0000000..2b179eb --- /dev/null +++ b/infrastructure/aws/alb-controller/iam.tf 
@@ -0,0 +1,28 @@
+module "aws-load-balancer-controller-role" {
+ source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts"
+ version = "~> 6.0"
+ name = "AWSLoadBalancerControllerIAMRole"
+ attach_load_balancer_controller_policy = true
+ use_name_prefix = false
+ oidc_providers = {
+ main = {
+ provider_arn = var.aws_iam_openid_connect_provider
+ namespace_service_accounts = ["kube-system:aws-load-balancer-controller"]
+ }
+ }
+}
+
+resource "kubernetes_service_account" "aws-load-balancer-controller-sa" {
+ metadata {
+ name = "aws-load-balancer-controller"
+ namespace = "kube-system"
+ labels = {
+ "app.kubernetes.io/name" = "aws-load-balancer-controller"
+ "app.kubernetes.io/component" = "controller"
+ }
+ annotations = {
+ "eks.amazonaws.com/role-arn" = module.aws-load-balancer-controller-role.arn
+ "eks.amazonaws.com/sts-regional-endpoints" = "true"
+ }
+ }
+}
\ No newline at end of file
diff --git a/infrastructure/aws/alb-controller/locals.tf b/infrastructure/aws/alb-controller/locals.tf
new file mode 100644
index 0000000..cadb7bf
--- /dev/null
+++ b/infrastructure/aws/alb-controller/locals.tf
@@ -0,0 +1,7 @@
+locals {
+ aws-load-balancer-controller-values = templatefile("${path.module}/templates/aws-load-balancer-controller-values.tmpl.yaml", {
+ cluster_name = var.cluster_name
+ service_account_name = kubernetes_service_account.aws-load-balancer-controller-sa.metadata[0].name
+ vpc_id = var.vpc_id
+ })
+}
\ No newline at end of file
diff --git a/infrastructure/aws/alb-controller/main.tf b/infrastructure/aws/alb-controller/main.tf
new file mode 100644
index 0000000..5cbb5b4
--- /dev/null
+++ b/infrastructure/aws/alb-controller/main.tf
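Review bot: In iam.tf, `name = "AWSLoadBalancerControllerIAMRole"` with `use_name_prefix = false` fixes a single account-wide IAM role name. Applying this module for a second cluster in the same account will therefore hit a name conflict, and reusing the existing role instead would mean one role trusted by several clusters' OIDC providers. Deriving the name from the cluster keeps one role and one trust relationship per cluster, e.g. `name = "${var.cluster_name}-alb-controller"`; `cluster_name` is already an input of this module.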
@@ -0,0 +1,24 @@
+resource "helm_release" "aws-load-balancer-controller" {
+ name = "aws-load-balancer-controller"
+ repository = "https://aws.github.io/eks-charts"
+ chart = "aws-load-balancer-controller"
+ version = var.aws-load-balancer-controller-version
+ namespace = "kube-system"
+
+ disable_webhooks = true
+ force_update = true
+ wait = true
+ wait_for_jobs = true
+ timeout = 600
+ atomic = true
+ cleanup_on_fail = true
+ replace = false
+ recreate_pods = false
+ reset_values = false
+ reuse_values = false
+ dependency_update = true
+ max_history = 10
+
+
+ values = [local.aws-load-balancer-controller-values]
+}
\ No newline at end of file
diff --git a/infrastructure/aws/alb-controller/providers.tf b/infrastructure/aws/alb-controller/providers.tf
new file mode 100644
index 0000000..4eaaf21
--- /dev/null
+++ b/infrastructure/aws/alb-controller/providers.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 6.0"
+ }
+ helm = {
+ source = "hashicorp/helm"
+ version = "~> 3.0"
+ }
+ }
+}
\ No newline at end of file
diff --git a/infrastructure/aws/alb-controller/templates/aws-load-balancer-controller-values.tmpl.yaml b/infrastructure/aws/alb-controller/templates/aws-load-balancer-controller-values.tmpl.yaml
new file mode 100644
index 0000000..bb1161a
--- /dev/null
+++ b/infrastructure/aws/alb-controller/templates/aws-load-balancer-controller-values.tmpl.yaml
@@ -0,0 +1,5 @@
+clusterName: "${cluster_name}"
+serviceAccount:
+ create: false
+ name: "${service_account_name}"
+vpcId: "${vpc_id}"
diff --git a/infrastructure/aws/alb-controller/variables.tf b/infrastructure/aws/alb-controller/variables.tf
new file mode 100644
index 0000000..0d7bc8c
--- /dev/null
+++ b/infrastructure/aws/alb-controller/variables.tf
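Review bot: `force_update = true` and `disable_webhooks = true` on the `helm_release` are set without any comment, and both change upgrade behaviour in ways an operator should know about. As I read the helm provider, the first lets an upgrade fall back to delete-and-recreate of chart resources, and the second skips the chart's hooks. For the load balancer controller a recreate means a window with no controller reconciling ingresses. I would drop `force_update` (its default is false) unless a specific upgrade failure motivated it, and otherwise add a line such as `# force_update: needed because <reason>` above each of the two settings.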
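Review bot: The alb-controller providers.tf declares `aws` and `helm` but not `kubernetes`, although iam.tf in the same module creates a `kubernetes_service_account`. Terraform will still resolve the provider implicitly as hashicorp/kubernetes, but without a version constraint, so the module's behaviour depends on whatever release is current at init time. Adding `kubernetes = { source = "hashicorp/kubernetes", version = "~> <MAJOR>.0" }` (placeholder for the major you test against) alongside the other two entries makes that explicit.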
@@ -0,0 +1,19 @@
+variable "cluster_name" {
+ description = "Name of the EKS cluster"
+ type = string
+}
+
+variable "vpc_id" {
+ description = "VPC ID where load balancers controller will be deployed"
+ type = string
+}
+
+variable "aws-load-balancer-controller-version" {
+ description = "Version of the AWS Load Balancer Controller Helm chart"
+ type = string
+ default = "1.13.4"
+}
+
+variable "aws_iam_openid_connect_provider" {
+
+}
\ No newline at end of file
diff --git a/infrastructure/aws/backend/main.tf b/infrastructure/aws/backend/main.tf
new file mode 100644
index 0000000..9ff3132
--- /dev/null
+++ b/infrastructure/aws/backend/main.tf
@@ -0,0 +1,41 @@
+data "aws_vpc" "vpc" {
+ id = var.vpc_id
+}
+
+resource "random_id" "bucket_suffix" {
+ byte_length = 8
+}
+
+resource "aws_s3_bucket" "tf_state" {
+ bucket = "tf-state-${lower(random_id.bucket_suffix.hex)}"
+ object_lock_enabled = true
+ force_destroy = true
+}
+
+resource "aws_s3_bucket_versioning" "tf_state_versioning" {
+ bucket = aws_s3_bucket.tf_state.id
+
+ versioning_configuration {
+ status = "Enabled"
+ }
+}
+
+resource "aws_s3_bucket_server_side_encryption_configuration" "tf_state_sse" {
+ bucket = aws_s3_bucket.tf_state.id
+
+ rule {
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
+ }
+ }
+}
+
+resource "aws_s3_bucket_object_lock_configuration" "tf_state_lock" {
+ bucket = aws_s3_bucket.tf_state.id
+ rule {
+ default_retention {
+ mode = "COMPLIANCE"
+ days = 1
+ }
+ }
+}
diff --git a/infrastructure/aws/backend/providers.tf b/infrastructure/aws/backend/providers.tf
new file mode 100644
index 0000000..8b01857
--- /dev/null
+++ b/infrastructure/aws/backend/providers.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 6.0"
+ }
+ }
+}
\ No newline at end of file
diff --git a/infrastructure/aws/backend/variables.tf b/infrastructure/aws/backend/variables.tf
new file mode 100644
index 0000000..2c7c73a
--- /dev/null
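Review bot: `variable "aws_iam_openid_connect_provider"` in the alb-controller variables.tf has an empty body, so it accepts any type and tells the caller nothing, yet iam.tf passes it as `provider_arn` in the role's OIDC trust configuration. Because that value decides which identity provider may assume the controller role, I would declare it as `type = string` with `description = "ARN of the EKS cluster's IAM OIDC provider"`. The other three variables in the file already follow that form.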
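Review bot: The state bucket in backend/main.tf is created with `force_destroy = true` and without an `aws_s3_bucket_public_access_block`. A `terraform destroy` of this module is therefore allowed to empty the bucket that holds other stacks' state, and nothing here prevents a later ACL or bucket policy from exposing it. Terraform state stores sensitive values in plain text, so this bucket deserves the stricter defaults shown below. A bucket policy denying requests where `aws:SecureTransport` is false would be a reasonable further step. Separately, `data "aws_vpc" "vpc"` is not referenced anywhere in this file.

```hcl
resource "aws_s3_bucket" "tf_state" {
  bucket              = "tf-state-${lower(random_id.bucket_suffix.hex)}"
  object_lock_enabled = true
  force_destroy       = false
}

resource "aws_s3_bucket_public_access_block" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# … unchanged: versioning, server-side encryption and object-lock resources …
```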
+++ b/infrastructure/aws/backend/variables.tf
@@ -0,0 +1,4 @@
+variable "vpc_id" {
+ type = string
+ description = "A account name"
+}
\ No newline at end of file
diff --git a/infrastructure/aws/eks/main.tf b/infrastructure/aws/eks/main.tf
new file mode 100644
index 0000000..4aecad5
--- /dev/null
+++ b/infrastructure/aws/eks/main.tf
@@ -0,0 +1,43 @@
+module "eks" {
+ source = "terraform-aws-modules/eks/aws"
+ version = "~> 21.0"
+
+ name = var.name
+ kubernetes_version = var.kubernetes_version
+
+ create_cloudwatch_log_group = false
+
+ addons = {
+ coredns = {}
+ eks-pod-identity-agent = {
+ before_compute = true
+ }
+ kube-proxy = {}
+ vpc-cni = {
+ before_compute = true
+ }
+ }
+
+ # Optional
+ endpoint_public_access = true
+
+ # Optional: Adds the current caller identity as an administrator via cluster access entry
+ enable_cluster_creator_admin_permissions = true
+
+ vpc_id = var.aws_vpc_vpc_id
+ subnet_ids = var.aws_subnets_private_ids
+ control_plane_subnet_ids = var.aws_subnets_private_ids
+
+ # EKS Managed Node Group(s)
+ eks_managed_node_groups = {
+ nullplatform = {
+ # Starting on 1.30, AL2023 is the default AMI type for EKS managed node groups
+ ami_type = var.ami_type
+ instance_types = [var.instance_types]
+
+ min_size = 2
+ max_size = 10
+ desired_size = 2
+ }
+ }
+}
\ No newline at end of file
diff --git a/infrastructure/aws/eks/output.tf b/infrastructure/aws/eks/output.tf
new file mode 100644
index 0000000..6d47508
--- /dev/null
+++ b/infrastructure/aws/eks/output.tf
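Review bot: In eks/main.tf, `endpoint_public_access = true` is set with no CIDR allow-list next to it, so the cluster's API endpoint accepts connections from any address and IAM authentication is the only control in front of it. I would expose a variable and pass it through, e.g. `endpoint_public_access_cidrs = var.endpoint_public_access_cidrs` (input name as I recall it for the 21.x module; please verify), with no permissive default. `enable_cluster_creator_admin_permissions = true` also makes whichever identity runs Terraform a cluster administrator, which deserves a comment when that identity is a shared CI role. With `create_cloudwatch_log_group = false` and no logging input in this block, it is worth confirming that control-plane audit logs still end up somewhere with a retention policy.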
@@ -0,0 +1,20 @@ +output "eks_cluster_name" { + value = module.eks.cluster_name + description = "Nombre del cluster EKS" +} + +output "eks_cluster_endpoint" { + value = module.eks.cluster_endpoint + description = "Endpoint del API Server" +} + +output "eks_cluster_ca" { + value = module.eks.cluster_certificate_authority_data + description = "CA del cluster en base64" + sensitive = true +} + +output "eks_oidc_provider_arn" { + value = module.eks.oidc_provider_arn + description = "ARN del OIDC provider del cluster" +} \ No newline at end of file diff --git a/infrastructure/aws/eks/providers.tf b/infrastructure/aws/eks/providers.tf new file mode 100644 index 0000000..4eaaf21 --- /dev/null +++ b/infrastructure/aws/eks/providers.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 6.0" + } + helm = { + source = "hashicorp/helm" + version = "~> 3.0" + } + } +} \ No newline at end of file diff --git a/infrastructure/aws/eks/variables.tf b/infrastructure/aws/eks/variables.tf new file mode 100644 index 0000000..e9859cc --- /dev/null +++ b/infrastructure/aws/eks/variables.tf @@ -0,0 +1,25 @@ +variable "name" { + type = string + description = "A name of cluster" +} + +variable "ami_type" { + type = string + description = "The ami type to use with node" + default = "AL2023_x86_64_STANDARD" +} + +variable "instance_types" { + type = string + description = "The instance type to use" + default = "t3.medium" +} + +variable "kubernetes_version" { + type = string + description = "The version of K8s to use" + default = "1.32" +} + +variable "aws_vpc_vpc_id" {} +variable "aws_subnets_private_ids" {} \ No newline at end of file diff --git a/infrastructure/aws/ingress/main.tf b/infrastructure/aws/ingress/main.tf new file mode 100644 index 0000000..9ddb332 --- /dev/null +++ b/infrastructure/aws/ingress/main.tf 
@@ -0,0 +1,95 @@ +resource "kubernetes_ingress_v1" "internal" { + metadata { + name = "initial-ingress-setup-internal" + namespace = "nullplatform" + + annotations = merge({ + "alb.ingress.kubernetes.io/actions.response-404" = jsonencode({ + type = "fixed-response" + fixedResponseConfig = { + contentType = "text/plain" + statusCode = "404" + messageBody = "404 scope not found or has not been deployed yet" + } + }) + "alb.ingress.kubernetes.io/group.name" = "k8s-nullplatform-internal" + "alb.ingress.kubernetes.io/listen-ports" = "[{\"HTTP\":80},{\"HTTPS\":443}]" + "alb.ingress.kubernetes.io/load-balancer-name" = "k8s-nullplatform-internal" + "alb.ingress.kubernetes.io/scheme" = "internal" + "alb.ingress.kubernetes.io/ssl-redirect" = "443" + "alb.ingress.kubernetes.io/target-type" = "ip" + "alb.ingress.kubernetes.io/certificate-arn" = var.certificate_arn + }) + } + + spec { + ingress_class_name = "alb" + + rule { + host = "setup.nullapps.io" + http { + path { + path = "/" + path_type = "Prefix" + + backend { + service { + name = "response-404" + port { + name = "use-annotation" + } + } + } + } + } + } + } +} + +resource "kubernetes_ingress_v1" "public" { + metadata { + name = "initial-ingress-setup-public" + namespace = "nullplatform" + + annotations = merge({ + "alb.ingress.kubernetes.io/actions.response-404" = jsonencode({ + type = "fixed-response" + fixedResponseConfig = { + contentType = "text/plain" + statusCode = "404" + messageBody = "404 scope not found or has not been deployed yet" + } + }) + "alb.ingress.kubernetes.io/group.name" = "k8s-nullplatform-internet-facing" + "alb.ingress.kubernetes.io/listen-ports" = "[{\"HTTP\":80},{\"HTTPS\":443}]" + "alb.ingress.kubernetes.io/load-balancer-name" = "k8s-nullplatform-internet-facing" + "alb.ingress.kubernetes.io/scheme" = "internet-facing" + "alb.ingress.kubernetes.io/ssl-redirect" = "443" + "alb.ingress.kubernetes.io/target-type" = "ip" + "alb.ingress.kubernetes.io/certificate-arn" = var.certificate_arn + }) + } 
+ + spec { + ingress_class_name = "alb" + + rule { + host = "setup.nullapps.io" + http { + path { + path = "/" + path_type = "Prefix" + + backend { + service { + name = "response-404" + port { + name = "use-annotation" + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/infrastructure/aws/ingress/variables.tf b/infrastructure/aws/ingress/variables.tf new file mode 100644 index 0000000..48498d8 --- /dev/null +++ b/infrastructure/aws/ingress/variables.tf @@ -0,0 +1,4 @@ +variable "certificate_arn" { + description = "ARN of the SSL/TLS certificate for the network configuration" + type = string +} \ No newline at end of file diff --git a/infrastructure/aws/route53/main.tf b/infrastructure/aws/route53/main.tf new file mode 100644 index 0000000..8d1b463 --- /dev/null +++ b/infrastructure/aws/route53/main.tf @@ -0,0 +1,17 @@ +resource "aws_route53_zone" "public_zone" { + name = var.domain_name +} + +resource "aws_route53_zone" "private_zone" { + name = var.domain_name + vpc { + vpc_id = var.vpc_id + } +} + +module "aws_route53_acm" { + source = "../acm" + domain_name = var.domain_name + zone_id = aws_route53_zone.public_zone.id + subject_alternative_names = [] +} diff --git a/modules/aws/route53/output.tf b/infrastructure/aws/route53/output.tf similarity index 99% rename from modules/aws/route53/output.tf rename to infrastructure/aws/route53/output.tf index 5b11401..3aa9385 100644 --- a/modules/aws/route53/output.tf +++ b/infrastructure/aws/route53/output.tf @@ -16,4 +16,4 @@ output "private_zone_id" { output "private_zone_name" { description = "The domain name of the Private Route 53 Hosted Zone" value = aws_route53_zone.private_zone.name -} +} \ No newline at end of file diff --git a/infrastructure/aws/route53/providers.tf b/infrastructure/aws/route53/providers.tf new file mode 100644 index 0000000..8b01857 --- /dev/null +++ b/infrastructure/aws/route53/providers.tf 
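Review bot: Neither ingress in ingress/main.tf sets `alb.ingress.kubernetes.io/ssl-policy`, so the HTTPS listeners fall back to the controller's default policy. As far as I know that default is `ELBSecurityPolicy-2016-08`, which still negotiates TLS 1.0 and 1.1, and it matters most for `kubernetes_ingress_v1.public`, whose scheme is `internet-facing`. Adding `"alb.ingress.kubernetes.io/ssl-policy" = "ELBSecurityPolicy-TLS13-1-2-2021-06"` to both annotation maps pins a modern policy. On style, `merge({...})` is called with a single argument in both resources and can be dropped, and `host = "setup.nullapps.io"` and `namespace = "nullplatform"` are hard-coded where a variable would let the module be reused.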
@@ -0,0 +1,8 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 6.0" + } + } +} \ No newline at end of file diff --git a/infrastructure/aws/route53/varaibles.tf b/infrastructure/aws/route53/varaibles.tf new file mode 100644 index 0000000..ab15774 --- /dev/null +++ b/infrastructure/aws/route53/varaibles.tf @@ -0,0 +1,8 @@ +variable "vpc_id" { + type = string + description = "The VPC id" +} +variable "domain_name" { + type = string + description = "The domains to project" +} \ No newline at end of file diff --git a/modules/aws/vpc/main.tf b/infrastructure/aws/vpc/main.tf similarity index 53% rename from modules/aws/vpc/main.tf rename to infrastructure/aws/vpc/main.tf index f504986..25aefde 100644 --- a/modules/aws/vpc/main.tf +++ b/infrastructure/aws/vpc/main.tf @@ -1,19 +1,15 @@ module "vpc" { source = "terraform-aws-modules/vpc/aws" - version = "< 6.0.0" + version = "~> 6.0" - name = "nullplatform-vpc-${var.suffix}" - cidr = var.vpc["cidr"] - - providers = { - aws = aws - } + name = "${var.organization}-${var.account}" + cidr = var.vpc.cidr_block enable_dns_hostnames = true - azs = var.vpc["azs"] - private_subnets = var.vpc["private_subnets"] - public_subnets = var.vpc["public_subnets"] + azs = var.vpc.azs + private_subnets = var.vpc.private_subnets + public_subnets = var.vpc.public_subnets enable_nat_gateway = true single_nat_gateway = true diff --git a/infrastructure/aws/vpc/output.tf b/infrastructure/aws/vpc/output.tf new file mode 100644 index 0000000..9c95a9b --- /dev/null +++ b/infrastructure/aws/vpc/output.tf @@ -0,0 +1,14 @@ +output "vpc_id" { + value = module.vpc.vpc_id + description = "ID de la VPC" +} + +output "private_subnets" { + value = module.vpc.private_subnets + description = "Subnets privadas" +} + +output "public_subnets" { + value = module.vpc.public_subnets + description = "Subnets pΓΊblicas" +} \ No newline at end of file 
diff --git a/infrastructure/aws/vpc/providers.tf b/infrastructure/aws/vpc/providers.tf new file mode 100644 index 0000000..8b01857 --- /dev/null +++ b/infrastructure/aws/vpc/providers.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 6.0" + } + } +} \ No newline at end of file diff --git a/infrastructure/aws/vpc/variables.tf b/infrastructure/aws/vpc/variables.tf new file mode 100644 index 0000000..326fae6 --- /dev/null +++ b/infrastructure/aws/vpc/variables.tf @@ -0,0 +1,19 @@ +variable "vpc" { + description = "ConfiguraciΓ³n de la VPC" + type = object({ + cidr_block = string + azs = list(string) + private_subnets = list(string) + public_subnets = list(string) + }) +} + +variable "organization" { + type = string + description = "A organization name" +} + +variable "account" { + type = string + description = "The account name" +} \ No newline at end of file diff --git a/infrastructure/azure/acr/README.md b/infrastructure/azure/acr/README.md new file mode 100644 index 0000000..f32c551 --- /dev/null +++ b/infrastructure/azure/acr/README.md 
@@ -0,0 +1,42 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.6 | +| [azurerm](#requirement\_azurerm) | =4.41.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | =4.41.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [containerregistry](#module\_containerregistry) | azure/avm-res-containerregistry-registry/azurerm | v0.4.0 | + +## Resources + +| Name | Type | +|------|------| + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [containerregistry\_name](#input\_containerregistry\_name) | The name of your ACR | `string` | n/a | yes | +| [location](#input\_location) | The location/region where the resource group should be created | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group | `string` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | The ID of your Azure Suscription | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [acr\_admin\_password](#output\_acr\_admin\_password) | Password admin del ACR. | +| [acr\_admin\_username](#output\_acr\_admin\_username) | Usuario admin del ACR. | +| [acr\_login\_server](#output\_acr\_login\_server) | FQDN del login server del ACR. | + \ No newline at end of file diff --git a/infrastructure/azure/acr/datasource.tf b/infrastructure/azure/acr/datasource.tf new file mode 100644 index 0000000..169f758 --- /dev/null +++ b/infrastructure/azure/acr/datasource.tf @@ -0,0 +1,5 @@ +data "azurerm_container_registry" "acr" { + name = var.containerregistry_name + resource_group_name = var.resource_group_name + depends_on = [module.containerregistry] +} \ No newline at end of file diff --git a/infrastructure/azure/acr/main.tf b/infrastructure/azure/acr/main.tf new file mode 100644 index 0000000..f9b9fc2 --- /dev/null 
+++ b/infrastructure/azure/acr/main.tf @@ -0,0 +1,10 @@ +module "containerregistry" { + source = "azure/avm-res-containerregistry-registry/azurerm" + version = "v0.4.0" + name = var.containerregistry_name + resource_group_name = var.resource_group_name + location = var.location + admin_enabled = true + +} + diff --git a/infrastructure/azure/acr/output.tf b/infrastructure/azure/acr/output.tf new file mode 100644 index 0000000..7cd2e76 --- /dev/null +++ b/infrastructure/azure/acr/output.tf @@ -0,0 +1,15 @@ +output "acr_login_server" { + description = "FQDN del login server del ACR." + value = data.azurerm_container_registry.acr.login_server +} + +output "acr_admin_username" { + description = "Usuario admin del ACR." + value = data.azurerm_container_registry.acr.admin_username + sensitive = true +} +output "acr_admin_password" { + description = "Password admin del ACR." + value = data.azurerm_container_registry.acr.admin_password + sensitive = true +} \ No newline at end of file diff --git a/infrastructure/azure/acr/provider.tf b/infrastructure/azure/acr/provider.tf new file mode 100644 index 0000000..514092e --- /dev/null +++ b/infrastructure/azure/acr/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_version = "~> 1.6" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "=4.41.0" + } + } +} + +provider "azurerm" { + features {} + resource_provider_registrations = "none" + use_cli = true + subscription_id = var.subscription_id +} + diff --git a/infrastructure/azure/acr/variables.tf b/infrastructure/azure/acr/variables.tf new file mode 100644 index 0000000..042bcbe --- /dev/null +++ b/infrastructure/azure/acr/variables.tf 
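Review bot: `admin_enabled = true` in the `containerregistry` module call turns on the registry's admin account, a single shared username and password with full access to the registry that cannot be scoped per consumer. output.tf in this commit then exports `admin_password` from the data source. `sensitive = true` hides it from CLI output, but the value is still written to the state file. Consider `admin_enabled = false` with role assignments (for example AcrPull for the cluster identity). If the admin user is really needed, gate it behind a variable that defaults to false, `admin_enabled = var.admin_enabled`.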
@@ -0,0 +1,21 @@ +variable "location" { + type = string + description = "The location/region where the resource group should be created" +} + +variable "resource_group_name" { + type = string + description = "The name of the resource group" +} + +variable "containerregistry_name" { + type = string + description = "The name of your ACR" + +} + +variable "subscription_id" { + type = string + description = "The ID of your Azure Suscription" + +} \ No newline at end of file diff --git a/modules/kubernetes/helm/prometheus/output.tf b/infrastructure/azure/aks/main.tf similarity index 100% rename from modules/kubernetes/helm/prometheus/output.tf rename to infrastructure/azure/aks/main.tf diff --git a/infrastructure/azure/aks/output.tf b/infrastructure/azure/aks/output.tf new file mode 100644 index 0000000..e69de29 diff --git a/infrastructure/azure/aks/provider.tf b/infrastructure/azure/aks/provider.tf new file mode 100644 index 0000000..514092e --- /dev/null +++ b/infrastructure/azure/aks/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_version = "~> 1.6" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "=4.41.0" + } + } +} + +provider "azurerm" { + features {} + resource_provider_registrations = "none" + use_cli = true + subscription_id = var.subscription_id +} + diff --git a/infrastructure/azure/aks/variables.tf b/infrastructure/azure/aks/variables.tf new file mode 100644 index 0000000..5909682 --- /dev/null +++ b/infrastructure/azure/aks/variables.tf @@ -0,0 +1,3 @@ +variable "subscription_id" { + type = string +} diff --git a/infrastructure/azure/dns/.terraform.lock.hcl b/infrastructure/azure/dns/.terraform.lock.hcl new file mode 100644 index 0000000..b0712b1 --- /dev/null +++ b/infrastructure/azure/dns/.terraform.lock.hcl 
@@ -0,0 +1,19 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/hashicorp/azurerm" { + version = "4.41.0" + constraints = "4.41.0" + hashes = [ + "h1:o5rESeCeMuzdCZweSX0LOcZF3rPlfWs/zowBD5NBjpw=", + "zh:0364797d94a75b3b250e189b9aafc2aea29835451414f9a69f5f77eb5e709472", + "zh:456692d0a235a376f2efdd45213e99c660ef0fc71872b84f9b421461c45172d9", + "zh:4eee07ef555dc11a14e6e2cdd798265f4c24934d3854f3c7f52e0989c425dad3", + "zh:6abbbcfe574bf1fb8cd8794493974ff072fa68930c33607ef2c3874a1c8965a0", + "zh:9f11caea44a17a12c97105e648bd0464f0df27f6402c7917fea67056709f67a0", + "zh:a6745c754d1db8b0f4825b9603cb5092d2aa125de88808b36c51d4f254564027", + "zh:a90026a537d640bbf2b0b778e30904e6ea7595c4b283ab1a4ac324302335a5b3", + "zh:c8f47c93395e493d892bcf45370f50696af74bc8e5a5cd05f160e72871fc88bf", + "zh:f57fd006f03d8c60491e8c579ef03d7933e09c5bf1a7f467a76a29bb68c11e40", + ] +} diff --git a/infrastructure/azure/dns/README.md b/infrastructure/azure/dns/README.md new file mode 100644 index 0000000..06fefe9 --- /dev/null +++ b/infrastructure/azure/dns/README.md 
@@ -0,0 +1,38 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.6 | +| [azurerm](#requirement\_azurerm) | =4.41.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | =4.41.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_dns_zone.public_dns_zone](https://registry.terraform.io/providers/hashicorp/azurerm/4.41.0/docs/resources/dns_zone) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [domain\_name](#input\_domain\_name) | The domain name to use for the DNS zone | `string` | n/a | yes | +| [resource\_group](#input\_resource\_group) | The name of the resource group | `string` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | The Azure subscription Id. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [dns\_zone\_id](#output\_dns\_zone\_id) | The ID of the DNS Zone | +| [dns\_zone\_name](#output\_dns\_zone\_name) | The name of the created DNS Zone | +| [name\_servers](#output\_name\_servers) | A list of name servers | +| [private\_dns\_zone\_id](#output\_private\_dns\_zone\_id) | The ID of the private DNS Zone | +| [private\_dns\_zone\_name](#output\_private\_dns\_zone\_name) | The name of the private created DNS Zone | + \ No newline at end of file diff --git a/infrastructure/azure/dns/main.tf b/infrastructure/azure/dns/main.tf new file mode 100644 index 0000000..b755856 --- /dev/null +++ b/infrastructure/azure/dns/main.tf @@ -0,0 +1,4 @@ +resource "azurerm_dns_zone" "public_dns_zone" { + name = var.domain_name + resource_group_name = var.resource_group +} diff --git a/infrastructure/azure/dns/output.tf b/infrastructure/azure/dns/output.tf new file mode 100644 index 0000000..3562336 --- /dev/null +++ b/infrastructure/azure/dns/output.tf 
@@ -0,0 +1,24 @@ +output "dns_zone_name" { + description = "The name of the created DNS Zone" + value = azurerm_dns_zone.public_dns_zone.name +} + +output "dns_zone_id" { + description = "The ID of the DNS Zone" + value = azurerm_dns_zone.public_dns_zone.id +} + +output "private_dns_zone_name" { + description = "The name of the private created DNS Zone" + value = azurerm_dns_zone.public_dns_zone.name +} + +output "private_dns_zone_id" { + description = "The ID of the private DNS Zone" + value = azurerm_dns_zone.public_dns_zone.id +} + +output "name_servers" { + description = "A list of name servers" + value = azurerm_dns_zone.public_dns_zone.name_servers +} diff --git a/infrastructure/azure/dns/provider.tf b/infrastructure/azure/dns/provider.tf new file mode 100644 index 0000000..514092e --- /dev/null +++ b/infrastructure/azure/dns/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_version = "~> 1.6" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "=4.41.0" + } + } +} + +provider "azurerm" { + features {} + resource_provider_registrations = "none" + use_cli = true + subscription_id = var.subscription_id +} + diff --git a/infrastructure/azure/dns/variables.tf b/infrastructure/azure/dns/variables.tf new file mode 100644 index 0000000..2d325f1 --- /dev/null +++ b/infrastructure/azure/dns/variables.tf @@ -0,0 +1,14 @@ +variable "resource_group" { + type = string + description = "The name of the resource group" +} + +variable "domain_name" { + type = string + description = "The domain name to use for the DNS zone" +} + +variable "subscription_id" { + type = string + description = "The Azure subscription Id." +} diff --git a/infrastructure/azure/resource_group/.terraform.lock.hcl b/infrastructure/azure/resource_group/.terraform.lock.hcl new file mode 100644 index 0000000..b0712b1 --- /dev/null +++ b/infrastructure/azure/resource_group/.terraform.lock.hcl 
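Review bot: `private_dns_zone_name` and `private_dns_zone_id` both read from `azurerm_dns_zone.public_dns_zone`, so they return the public zone's name and ID under a private label; main.tf in this commit creates no private zone. A consumer that links a virtual network or scopes role assignments by `private_dns_zone_id` would be acting on the public zone. Either drop the two outputs or add an `azurerm_private_dns_zone` resource and point them at it, e.g. `value = azurerm_private_dns_zone.private_dns_zone.id`.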
@@ -0,0 +1,19 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/hashicorp/azurerm" { + version = "4.41.0" + constraints = "4.41.0" + hashes = [ + "h1:o5rESeCeMuzdCZweSX0LOcZF3rPlfWs/zowBD5NBjpw=", + "zh:0364797d94a75b3b250e189b9aafc2aea29835451414f9a69f5f77eb5e709472", + "zh:456692d0a235a376f2efdd45213e99c660ef0fc71872b84f9b421461c45172d9", + "zh:4eee07ef555dc11a14e6e2cdd798265f4c24934d3854f3c7f52e0989c425dad3", + "zh:6abbbcfe574bf1fb8cd8794493974ff072fa68930c33607ef2c3874a1c8965a0", + "zh:9f11caea44a17a12c97105e648bd0464f0df27f6402c7917fea67056709f67a0", + "zh:a6745c754d1db8b0f4825b9603cb5092d2aa125de88808b36c51d4f254564027", + "zh:a90026a537d640bbf2b0b778e30904e6ea7595c4b283ab1a4ac324302335a5b3", + "zh:c8f47c93395e493d892bcf45370f50696af74bc8e5a5cd05f160e72871fc88bf", + "zh:f57fd006f03d8c60491e8c579ef03d7933e09c5bf1a7f467a76a29bb68c11e40", + ] +} diff --git a/infrastructure/azure/resource_group/README.md b/infrastructure/azure/resource_group/README.md new file mode 100644 index 0000000..abbbca9 --- /dev/null +++ b/infrastructure/azure/resource_group/README.md 
@@ -0,0 +1,36 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.6 | +| [azurerm](#requirement\_azurerm) | =4.41.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | =4.41.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.nullplatform_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/4.41.0/docs/resources/resource_group) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | n/a | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(string)` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_location](#output\_resource\_group\_location) | The location of the created resource group | +| [resource\_group\_name](#output\_resource\_group\_name) | The name of the created resource group | + \ No newline at end of file diff --git a/infrastructure/azure/resource_group/main.tf b/infrastructure/azure/resource_group/main.tf new file mode 100644 index 0000000..6a05d88 --- /dev/null +++ b/infrastructure/azure/resource_group/main.tf @@ -0,0 +1,5 @@ +resource "azurerm_resource_group" "nullplatform_resource_group" { + name = var.resource_group_name + location = var.location + tags = var.tags +} \ No newline at end of file diff --git a/infrastructure/azure/resource_group/output.tf b/infrastructure/azure/resource_group/output.tf new file mode 100644 index 0000000..cf762cf --- /dev/null +++ b/infrastructure/azure/resource_group/output.tf 
@@ -0,0 +1,9 @@ +output "resource_group_name" { + description = "The name of the created resource group" + value = azurerm_resource_group.nullplatform_resource_group.name +} + +output "resource_group_location" { + description = "The location of the created resource group" + value = azurerm_resource_group.nullplatform_resource_group.location +} \ No newline at end of file diff --git a/infrastructure/azure/resource_group/provider.tf b/infrastructure/azure/resource_group/provider.tf new file mode 100644 index 0000000..514092e --- /dev/null +++ b/infrastructure/azure/resource_group/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_version = "~> 1.6" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "=4.41.0" + } + } +} + +provider "azurerm" { + features {} + resource_provider_registrations = "none" + use_cli = true + subscription_id = var.subscription_id +} + diff --git a/infrastructure/azure/resource_group/variable.tf b/infrastructure/azure/resource_group/variable.tf new file mode 100644 index 0000000..fb14009 --- /dev/null +++ b/infrastructure/azure/resource_group/variable.tf @@ -0,0 +1,16 @@ +variable "resource_group_name" { + type = string +} + +variable "location" { + type = string +} + +variable "tags" { + type = map(string) + +} +variable "subscription_id" { + type = string + +} \ No newline at end of file diff --git a/infrastructure/azure/vnet/.terraform.lock.hcl b/infrastructure/azure/vnet/.terraform.lock.hcl new file mode 100644 index 0000000..9b7831b --- /dev/null +++ b/infrastructure/azure/vnet/.terraform.lock.hcl 
@@ -0,0 +1,77 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/azure/azapi" { + version = "2.6.1" + constraints = "~> 2.0, ~> 2.4, ~> 2.5" + hashes = [ + "h1:XR3UFODqLg7M/xbLCJClcQbojEpnbLL7zWHWuhIM3ow=", + "zh:079ae1e32ddfc8adff953653bae29e755c1b170f09d39c156af849c7211796fe", + "zh:167083f1afb594943a7ce15c1321514d0b49e61239dd72501562cb344542cd7f", + "zh:3e534fb7c77ee4b6f6f0ff4ae72052741a865919ebe4ed7565ed50664843441d", + "zh:70c0cf7e98f8b09627b99babdb8b88a474c4b3c4cdeedacb3db1cef6850cb87c", + "zh:770263c99f6215d4b51e464319b5527f32231ee3b9be8b47b4586614d66ef6d2", + "zh:9695b9edf68baf6062d131c771acd0446493200dbefa83a818a5cda445f6f416", + "zh:9e36055ed2a5d4d1fad18ab0baa54b2033e824b675966bfaf1293fb5153b028e", + "zh:9f0f1949d69008f5dd9ea47a5b7bf81f89e8cf81df8175e44899acbffa6db97b", + "zh:a9905e45c32fa9f1ce1fe199b9d01d885e3bb1959290224fd12c0e1971a71c1d", + "zh:e1bcb4f0bdb578bbc49780a0019dd7b26d291ad79da414c7b012ebcd4b6e961d", + "zh:eba871271888de8f16fbbc9f138658875031253d3fb5feeeea8c8165dc26a86e", + "zh:f2b04c71796d1ec2528c460bad7abe943ce120d3d5c6ef7bee66655dd8db44a1", + ] +} + +provider "registry.opentofu.org/azure/modtm" { + version = "0.3.5" + constraints = "~> 0.3" + hashes = [ + "h1:RmCHYU3U3jDGYruN3Q7PiQqwqg7U4WP3dUDbx1PsyQ4=", + "zh:02a54109f2bd30a089a0681eaba8ef9d30b0402a51795597ee7b067f04952417", + "zh:0a15492a7257a0979d1f1d501168d1a38ec8c65b11d89d9423349f143d7b7e67", + "zh:4ae1d114aec1625f192eb2055eb7301774a8f79340085fbbe7c2d11284ba4cb7", + "zh:599201c19e82a227f0739be2150779e42903ba0aa147e96ef219c7f32f926053", + "zh:747b1189e679cd7cf77f76fd09609db0ac1ef7189ec3c64accd37af7d0ebe449", + "zh:859bc8739ceb9049e7cd98284f22eb9d503cc5b80f9452ee28a518080ebf3903", + "zh:8f97c0876b30967b47dfd63546f3843368bc3bc90e98bb42bd33c00ffe2d0b2c", + "zh:91183bbea386e6013d0b2a3b1d36a7bfe1595d45f4ee1f4f693d6254d017d334", + "zh:ae16303a74c83e0d8f4413d568eaf04c3c0d2b07250dbd7ae07bffae01197f36", 
+ "zh:db155386bb65a7fd5569b7d3331de65a259638e8e1c8f8896db969f4599504a9", + "zh:e39e6089c8a17a4b26b59c95050bd0e19fc0a09a14314cfa139053269b6d5f8d", + "zh:ec880b514fc3bd8d07e5d66a0c528fd6d83ae62d6588df4939b1f6ea509f0b24", + ] +} + +provider "registry.opentofu.org/hashicorp/azurerm" { + version = "4.41.0" + constraints = "~> 4.0, 4.41.0" + hashes = [ + "h1:o5rESeCeMuzdCZweSX0LOcZF3rPlfWs/zowBD5NBjpw=", + "zh:0364797d94a75b3b250e189b9aafc2aea29835451414f9a69f5f77eb5e709472", + "zh:456692d0a235a376f2efdd45213e99c660ef0fc71872b84f9b421461c45172d9", + "zh:4eee07ef555dc11a14e6e2cdd798265f4c24934d3854f3c7f52e0989c425dad3", + "zh:6abbbcfe574bf1fb8cd8794493974ff072fa68930c33607ef2c3874a1c8965a0", + "zh:9f11caea44a17a12c97105e648bd0464f0df27f6402c7917fea67056709f67a0", + "zh:a6745c754d1db8b0f4825b9603cb5092d2aa125de88808b36c51d4f254564027", + "zh:a90026a537d640bbf2b0b778e30904e6ea7595c4b283ab1a4ac324302335a5b3", + "zh:c8f47c93395e493d892bcf45370f50696af74bc8e5a5cd05f160e72871fc88bf", + "zh:f57fd006f03d8c60491e8c579ef03d7933e09c5bf1a7f467a76a29bb68c11e40", + ] +} + +provider "registry.opentofu.org/hashicorp/random" { + version = "3.7.2" + constraints = "~> 3.5" + hashes = [ + "h1:cFGCdxTlsrteTiaOV/iOQdql7eJkD3F/vtJxenkj9IE=", + "zh:2ffeb1058bd7b21a9e15a5301abb863053a2d42dffa3f6cf654a1667e10f4727", + "zh:519319ed8f4312ed76519652ad6cd9f98bc75cf4ec7990a5684c072cf5dd0a5d", + "zh:7371c2cc28c94deb9dba62fbac2685f7dde47f93019273a758dd5a2794f72919", + "zh:9b0ac4c1d8e36a86b59ced94fa517ae9b015b1d044b3455465cc6f0eab70915d", + "zh:c6336d7196f1318e1cbb120b3de8426ce43d4cacd2c75f45dba2dbdba666ce00", + "zh:c71f18b0cb5d55a103ea81e346fb56db15b144459123f1be1b0209cffc1deb4e", + "zh:d2dc49a6cac2d156e91b0506d6d756809e36bf390844a187f305094336d3e8d8", + "zh:d5b5fc881ccc41b268f952dae303501d6ec9f9d24ee11fe2fa56eed7478e15d0", + "zh:db9723eaca26d58c930e13fde221d93501529a5cd036b1f167ef8cff6f1a03cc", + "zh:fe3359f733f3ab518c6f85f3a9cd89322a7143463263f30321de0973a52d4ad8", + ] +} 
diff --git a/infrastructure/azure/vnet/README.md b/infrastructure/azure/vnet/README.md new file mode 100644 index 0000000..aabb85f --- /dev/null +++ b/infrastructure/azure/vnet/README.md @@ -0,0 +1,31 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | ~> 1.6 | +| [azurerm](#requirement\_azurerm) | =4.41.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [avm-res-network-virtualnetwork](#module\_avm-res-network-virtualnetwork) | azure/avm-res-network-virtualnetwork/azurerm | v0.10.0 | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [address\_space](#input\_address\_space) | The cidr of your vnet | `set(string)` | n/a | yes | +| [location](#input\_location) | The location/region where the resource group should be created | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group | `string` | n/a | yes | +| [subnets\_definition](#input\_subnets\_definition) | The subnet definition for the vnet |
map(object({
name = string
address_prefixes = list(string)
}))
| n/a | yes | +| [subscription\_id](#input\_subscription\_id) | The id of your azure suscription | `string` | n/a | yes | +| [vnet\_name](#input\_vnet\_name) | The name of your vnet | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_id](#output\_resource\_id) | The resource ID of the virtual network. | + \ No newline at end of file diff --git a/infrastructure/azure/vnet/main.tf b/infrastructure/azure/vnet/main.tf new file mode 100644 index 0000000..dd6fdec --- /dev/null +++ b/infrastructure/azure/vnet/main.tf @@ -0,0 +1,12 @@ + +module "avm-res-network-virtualnetwork" { + source = "azure/avm-res-network-virtualnetwork/azurerm" + version = "v0.10.0" + address_space = var.address_space + name = var.vnet_name + location = var.location + resource_group_name = var.resource_group_name + subnets = var.subnets_definition +} + + diff --git a/infrastructure/azure/vnet/output.tf b/infrastructure/azure/vnet/output.tf new file mode 100644 index 0000000..1b025c1 --- /dev/null +++ b/infrastructure/azure/vnet/output.tf @@ -0,0 +1,5 @@ + +output "resource_id" { + description = "The resource ID of the virtual network." + value = module.avm-res-network-virtualnetwork.resource_id +} \ No newline at end of file diff --git a/infrastructure/azure/vnet/provider.tf b/infrastructure/azure/vnet/provider.tf new file mode 100644 index 0000000..514092e --- /dev/null +++ b/infrastructure/azure/vnet/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_version = "~> 1.6" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "=4.41.0" + } + } +} + +provider "azurerm" { + features {} + resource_provider_registrations = "none" + use_cli = true + subscription_id = var.subscription_id +} + diff --git a/infrastructure/azure/vnet/variables.tf b/infrastructure/azure/vnet/variables.tf new file mode 100644 index 0000000..80db5e9 --- /dev/null +++ b/infrastructure/azure/vnet/variables.tf 
@@ -0,0 +1,46 @@ +variable "location" { + type = string + description = "The location/region where the resource group should be created" +} + +variable "resource_group_name" { + type = string + description = "The name of the resource group" +} + +variable "vnet_name" { + type = string + description = "The name of your vnet" +} + +variable "address_space" { + type = set(string) + description = "The cidr of your vnet" +} + +variable "subnets_definition" { + type = map(object({ + name = string + address_prefixes = list(string) + })) + description = "The subnet definition for the vnet" +} +/* + for example + { + "subnet1" = { + name = "subnet1" + address_prefixes = ["10.0.0.0/24"] + } + "subnet2" = { + name = "subnet2" + address_prefixes = ["10.0.1.0/24"] + } + } + */ + +variable "subscription_id" { + type = string + description = "The id of your azure suscription" + +} \ No newline at end of file diff --git a/infrastructure/commons/cert-manager/locals.tf b/infrastructure/commons/cert-manager/locals.tf new file mode 100644 index 0000000..1ed0019 --- /dev/null +++ b/infrastructure/commons/cert-manager/locals.tf @@ -0,0 +1,25 @@ +locals { + helm_values = templatefile("${path.module}/templates/cert_manager_values.tmpl.yaml", { + hosted_zone_name = var.hosted_zone_name + account_slug = var.account_slug + + # GCP + gcp_enabled = var.gcp_enabled + gcp_service_account_key = var.gcp_service_account_key + + # Azure + azure_enabled = var.azure_enabled + azure_subscription_id = var.azure_subscription_id + azure_resource_group_name = var.azure_resource_group_name + azure_client_id = var.azure_client_id + azure_secret_key = var.azure_secret_key + azure_client_secret = var.azure_client_secret + azure_tenant_id = var.azure_tenant_id + azure_hosted_zone_name = var.azure_hosted_zone_name + + # Cloudflare + cloudflare_enabled = var.cloudflare_enabled + cloudflare_secret_name = var.cloudflare_secret_name + cloudflare_token = var.cloudflare_token + }) +} \ No newline at end of file 
diff --git a/infrastructure/commons/cert-manager/main.tf b/infrastructure/commons/cert-manager/main.tf new file mode 100644 index 0000000..daf6934 --- /dev/null +++ b/infrastructure/commons/cert-manager/main.tf @@ -0,0 +1,27 @@ +resource "helm_release" "cert_manager" { + name = "cert-manager" + repository = "https://charts.jetstack.io" + chart = "cert-manager" + namespace = var.cert_manager_namespace + create_namespace = true + version = var.cert_manager_version + + set = [{ + name = "crds.enabled" + value = "true" + } + ] +} + + +resource "helm_release" "cert_manager_config" { + name = "cert-manager-config" + repository = "https://nullplatform.github.io/helm-charts" + chart = "nullplatform-cert-manager-config" + create_namespace = true + version = var.cert_manager_config_version + namespace = var.cert_manager_namespace + + values = [local.helm_values] +} + diff --git a/infrastructure/commons/cert-manager/provider.tf b/infrastructure/commons/cert-manager/provider.tf new file mode 100644 index 0000000..bc34018 --- /dev/null +++ b/infrastructure/commons/cert-manager/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_providers { + helm = { + source = "hashicorp/helm" + version = "~> 3.0" + } + } +} +provider "helm" { + kubernetes = { + config_path = var.kubeconfig_path + config_context = var.kube_context + } +} +provider "kubernetes" { + config_path = var.kubeconfig_path +} diff --git a/infrastructure/commons/cert-manager/templates/cert_manager_values.tmpl.yaml b/infrastructure/commons/cert-manager/templates/cert_manager_values.tmpl.yaml new file mode 100644 index 0000000..821b03c --- /dev/null +++ b/infrastructure/commons/cert-manager/templates/cert_manager_values.tmpl.yaml 
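Review bot: `helm_release.cert_manager_config` declares no dependency on `helm_release.cert_manager`, so Terraform is free to install both releases in parallel. If the config chart creates cert-manager custom resources such as issuers (its contents are not visible here), the install fails until the CRDs from the first release exist. Adding `depends_on = [helm_release.cert_manager]` to the second release makes the order explicit. `create_namespace = true` is then only needed on the first release, since both target `var.cert_manager_namespace`.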
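Review bot: The `provider "kubernetes"` block in cert-manager/provider.tf sets only `config_path`, while the `helm` provider also sets `config_context = var.kube_context`, so with a multi-context kubeconfig the two providers can end up pointing at different clusters. The same block is repeated in external-dns/provider.tf, where `kubernetes_secret_v1.external_dns_cloudflare` is created through it, and in istio/provider.tf. Add `config_context = var.kube_context` to the kubernetes provider. Also declare `kubernetes` in `required_providers` with a version constraint, since only `helm` is pinned there.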
@@ -0,0 +1,24 @@ +hostedZoneName: "${hosted_zone_name}" + +nullPlatform: + accountSlug: "${account_slug}" + +gcp: + enabled: ${gcp_enabled} + serviceAccountKey: |- + ${gcp_service_account_key} + +azure: + enabled: ${azure_enabled} + subscriptionID: "${azure_subscription_id}" + resourceGroupName: "${azure_resource_group_name}" + clientID: "${azure_client_id}" + secretKey: "${azure_secret_key}" # ej: "client-secret" + clientSecret: "${azure_client_secret}" + tenantID: "${azure_tenant_id}" + hostedZoneName: "${azure_hosted_zone_name}" + +cloudflare: + enabled: ${cloudflare_enabled} + secretName: "${cloudflare_secret_name}" + apiToken: "${cloudflare_token}" diff --git a/infrastructure/commons/cert-manager/variables.tf b/infrastructure/commons/cert-manager/variables.tf new file mode 100644 index 0000000..e20d2c7 --- /dev/null +++ b/infrastructure/commons/cert-manager/variables.tf 
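Review bot: Every value in this template is interpolated raw into the YAML, so a secret containing `"`, `\` or a newline (`azure_client_secret`, `cloudflare_token`) produces invalid or altered values. A multi-line `gcp_service_account_key` under `|-` would carry the block indentation only on its first line, as far as the collapsed layout shows. Rendering each value with `jsonencode`, for example `apiToken: ${jsonencode(cloudflare_token)}` and `serviceAccountKey: ${jsonencode(gcp_service_account_key)}`, yields correctly quoted YAML scalars. These credentials also become part of the Helm release values stored in the cluster and in Terraform state, so access to both needs to be restricted accordingly.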
@@ -0,0 +1,127 @@ + +variable "kubeconfig_path" { + type = string + default = "~/.kube/config" +} +variable "kube_context" { + type = string + default = null # o el nombre de tu context +} +variable "cert_manager_version" { + type = string + default = "1.18.2" + +} +variable "cert_manager_namespace" { + type = string + default = "cert-manager" +} + +variable "cert_manager_config_version" { + type = string + default = "2.10.0" + +} + +variable "hosted_zone_name" { + description = "Hosted zone name (if applicable)." + type = string + default = "" +} + +variable "account_slug" { + description = "NullPlatform account slug." + type = string + default = "" +} + +# --- GCP --- +variable "gcp_enabled" { + description = "Enable GCP (Cloud DNS) solver in cert-manager." + type = bool + default = false +} + +variable "gcp_service_account_key" { + description = "Contents of the Service Account JSON for Cloud DNS (use file() if reading from disk)." + type = string + sensitive = true + default = "" +} + +# --- Azure --- +variable "azure_enabled" { + description = "Enable Azure DNS solver in cert-manager." + type = bool + default = false +} + +variable "azure_subscription_id" { + description = "Azure Subscription ID." + type = string + default = "" +} + +variable "azure_resource_group_name" { + description = "Azure Resource Group that contains the DNS zone." + type = string + default = "" +} + +variable "azure_client_id" { + description = "Azure App (Client) ID for authentication." + type = string + default = "" +} + +variable "azure_secret_key" { + description = "Key name inside the Azure Secret that holds the client secret (default 'client-secret')." + type = string + default = "client-secret" +} + +variable "azure_client_secret" { + description = "Azure App Client Secret (value)." + type = string + sensitive = true + default = "" +} + +variable "azure_tenant_id" { + description = "Azure Tenant ID." 
+ type = string + default = "" +} + +variable "azure_hosted_zone_name" { + description = "Hosted zone name in Azure DNS." + type = string + default = "" +} + +# --- Cloudflare --- +variable "cloudflare_enabled" { + description = "Enable Cloudflare DNS-01 solver in cert-manager." + type = bool + default = false +} + +variable "cloudflare_secret_name" { + description = "Kubernetes Secret name that stores the Cloudflare API Token." + type = string + default = "cloudflare-api-token-secret" +} + +variable "cloudflare_token" { + description = "Cloudflare API Token (minimum permissions: Zone:DNS:Edit + Zone:Read)." + type = string + sensitive = true + default = "" + validation { + condition = !var.cloudflare_enabled || length(var.cloudflare_token) > 0 + error_message = "When cloudflare_enabled is true, cloudflare_api_token must not be empty." + } +} + + + diff --git a/infrastructure/commons/external-dns/locals.tf b/infrastructure/commons/external-dns/locals.tf new file mode 100644 index 0000000..6d2ff1a --- /dev/null +++ b/infrastructure/commons/external-dns/locals.tf @@ -0,0 +1,9 @@ +locals { + external_dns_values = templatefile("${path.module}/templates/external_dns_values.tmpl.yaml", { + domain = var.domain + txt_owner_id = var.txt_owner_id + dns_provider_name = var.dns_provider_name + extra_args = var.extra_args + }) + create_cf_secret = lower(var.dns_provider_name) == "cloudflare" +} \ No newline at end of file diff --git a/infrastructure/commons/external-dns/main.tf b/infrastructure/commons/external-dns/main.tf new file mode 100644 index 0000000..11ffb97 --- /dev/null +++ b/infrastructure/commons/external-dns/main.tf 
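Review bot: The validation on `cloudflare_token` names a variable that does not exist: the `error_message` says `cloudflare_api_token` and should read `"When cloudflare_enabled is true, cloudflare_token must not be empty."`. The condition also reads `var.cloudflare_enabled`, and referring to another variable inside a validation block needs Terraform 1.9 or later, while this module's provider.tf sets no `required_version`. The Azure and GCP credentials have no equivalent check, so `azure_enabled = true` with an empty `azure_client_secret` passes validation and only fails later at issuance time.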
@@ -0,0 +1,11 @@ +resource "helm_release" "external_dns" { + name = "external-dns" + repository = "https://kubernetes-sigs.github.io/external-dns/" + chart = "external-dns" + namespace = var.externa_dns_namespace + create_namespace = true + version = var.external_dns_version + + values = [local.external_dns_values] + depends_on = [kubernetes_secret_v1.external_dns_cloudflare] +} diff --git a/infrastructure/commons/external-dns/provider.tf b/infrastructure/commons/external-dns/provider.tf new file mode 100644 index 0000000..bc34018 --- /dev/null +++ b/infrastructure/commons/external-dns/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_providers { + helm = { + source = "hashicorp/helm" + version = "~> 3.0" + } + } +} +provider "helm" { + kubernetes = { + config_path = var.kubeconfig_path + config_context = var.kube_context + } +} +provider "kubernetes" { + config_path = var.kubeconfig_path +} diff --git a/infrastructure/commons/external-dns/secret.tf b/infrastructure/commons/external-dns/secret.tf new file mode 100644 index 0000000..07fa11b --- /dev/null +++ b/infrastructure/commons/external-dns/secret.tf @@ -0,0 +1,16 @@ +resource "kubernetes_secret_v1" "external_dns_cloudflare" { + count = local.create_cf_secret ? 1 : 0 + + metadata { + name = "external-dns-cloudflare" + namespace = var.externa_dns_namespace + } + + type = "Opaque" + + + data = { + "api-token" = var.cloudflare_token + } +} + diff --git a/infrastructure/commons/external-dns/templates/external_dns_values.tmpl.yaml b/infrastructure/commons/external-dns/templates/external_dns_values.tmpl.yaml new file mode 100644 index 0000000..ef30303 --- /dev/null +++ b/infrastructure/commons/external-dns/templates/external_dns_values.tmpl.yaml 
@@ -0,0 +1,55 @@
+provider:
+ name: "${dns_provider_name}"
+
+sources:
+ - crd
+
+domainFilters:
+ - "${domain}"
+
+policy: "upsert-only"
+registry: "txt"
+txtOwnerId: "${txt_owner_id}"
+interval: "1m"
+logLevel: "info"
+
+
+env:
+ - name: CF_API_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: "external-dns-cloudflare"
+ key: "api-token"
+
+extraArgs:
+%{ for arg in extra_args ~}
+ - "${arg}"
+%{ endfor ~}
+
+serviceAccount:
+ create: true
+ name: "external-dns"
+
+rbac:
+ create: true
+
+resources:
+ requests:
+ cpu: "50m"
+ memory: "128Mi"
+ limits:
+ memory: "256Mi"
+
+
+securityContext:
+ runAsNonRoot: true
+ runAsUser: 65532
+ runAsGroup: 65532
+ readOnlyRootFilesystem: true
+ capabilities:
+ drop:
+ - ALL
+
+podSecurityContext:
+ fsGroup: 65534
+ runAsNonRoot: true
\ No newline at end of file
diff --git a/infrastructure/commons/external-dns/variables.tf b/infrastructure/commons/external-dns/variables.tf
new file mode 100644
index 0000000..8aceb2e
--- /dev/null
+++ b/infrastructure/commons/external-dns/variables.tf
@@ -0,0 +1,44 @@
+variable "external_dns_version" {
+ type = string
+ default = "1.19.0"
+
+}
+
+variable "externa_dns_namespace" {
+ type = string
+}
+variable "domain" {
+ type = string
+
+}
+
+variable "txt_owner_id" {
+ type = string
+
+}
+
+variable "cloudflare_token" {
+ type = string
+ sensitive = true
+
+}
+
+variable "dns_provider_name" {
+ type = string
+ description = "dns provider"
+
+}
+
+variable "extra_args" {
+ type = list(string)
+ default = [""]
+}
+
+variable "kubeconfig_path" {
+ type = string
+ default = "~/.kube/config"
+}
+variable "kube_context" {
+ type = string
+ default = null # o el nombre de tu context
+}
\ No newline at end of file
diff --git a/infrastructure/commons/istio/locals.tf b/infrastructure/commons/istio/locals.tf
new file mode 100644
index 0000000..5e0e83b
--- /dev/null
+++ b/infrastructure/commons/istio/locals.tf
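Review bot: The `env` entry for `CF_API_TOKEN` in the values template references the Secret `external-dns-cloudflare` unconditionally, but secret.tf creates that Secret only when `dns_provider_name` is `cloudflare`; with any other provider the container references a Secret that does not exist and would not start. Pass `create_cf_secret` into the `templatefile` call and wrap the `env:` block in `%{ if create_cf_secret ~}` … `%{ endif ~}`. The container `securityContext` drops all capabilities but does not set `allowPrivilegeEscalation: false`, which the restricted Pod Security Standard expects. `fsGroup: 65534` also differs from `runAsGroup: 65532`, which looks unintended.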
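Review bot: `default = [""]` on `extra_args` in variables.tf makes the template render one empty-string item under `extraArgs`, so the chart hands external-dns an empty argument; `default = []` expresses "no extra arguments" (confirm the chart accepts the resulting empty `extraArgs:` key, or have the template emit `extraArgs: []` for an empty list). `cloudflare_token` has no default, so callers using another DNS provider must still supply a value; `default = null` together with a `precondition` on the Secret resource that the token is non-empty when the Secret is created would make it optional without allowing an empty token. Most variables here have no `description`, and the inline comment `# o el nombre de tu context` could read `# or the name of your kube context`; the same comment is added in infrastructure/commons/istio/variables.tf.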
@@ -0,0 +1,4 @@ +locals { + repository = "https://istio-release.storage.googleapis.com/charts" + namespace = "istio-system" +} \ No newline at end of file diff --git a/modules/kubernetes/helm/istio/main.tf b/infrastructure/commons/istio/main.tf similarity index 79% rename from modules/kubernetes/helm/istio/main.tf rename to infrastructure/commons/istio/main.tf index 9d51358..8fc3a0a 100644 --- a/modules/kubernetes/helm/istio/main.tf +++ b/infrastructure/commons/istio/main.tf @@ -1,13 +1,11 @@ -locals { - repository = "https://istio-release.storage.googleapis.com/charts" - namespace = "istio-system" -} + resource "helm_release" "istio_base" { name = "istio-base" repository = local.repository chart = "base" namespace = local.namespace create_namespace = true + version = var.istio_base_version } resource "helm_release" "istiod" { @@ -16,6 +14,7 @@ resource "helm_release" "istiod" { repository = local.repository chart = "istiod" namespace = local.namespace + version = var.istiod_version } # Setup Istio Gateway using Helm @@ -25,9 +24,6 @@ resource "helm_release" "istio_ingressgateway" { repository = local.repository chart = "gateway" namespace = local.namespace + version = var.istio_ingressgateway_version - set { - name = "platform" - value = "demo" - } } diff --git a/infrastructure/commons/istio/provider.tf b/infrastructure/commons/istio/provider.tf new file mode 100644 index 0000000..bc34018 --- /dev/null +++ b/infrastructure/commons/istio/provider.tf @@ -0,0 +1,17 @@ +terraform { + required_providers { + helm = { + source = "hashicorp/helm" + version = "~> 3.0" + } + } +} +provider "helm" { + kubernetes = { + config_path = var.kubeconfig_path + config_context = var.kube_context + } +} +provider "kubernetes" { + config_path = var.kubeconfig_path +} diff --git a/infrastructure/commons/istio/variables.tf b/infrastructure/commons/istio/variables.tf new file mode 100644 index 0000000..ab69024 --- /dev/null +++ b/infrastructure/commons/istio/variables.tf 
@@ -0,0 +1,26 @@
+variable "istio_base_version" {
+ type = string
+ default = "1.27.1"
+
+}
+
+variable "istio_ingressgateway_version" {
+ type = string
+ default = "1.27.1"
+
+}
+
+variable "istiod_version" {
+ type = string
+ default = "1.27.1"
+
+}
+
+variable "kubeconfig_path" {
+ type = string
+ default = "~/.kube/config"
+}
+variable "kube_context" {
+ type = string
+ default = null # o el nombre de tu context
+}
\ No newline at end of file
diff --git a/infrastructure/gcp/example b/infrastructure/gcp/example
new file mode 100644
index 0000000..e69de29
diff --git a/modules/README.md b/modules/README.md
deleted file mode 100644
index 5ca9045..0000000
--- a/modules/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/aws/acm/README.md b/modules/aws/acm/README.md
deleted file mode 100644
index f7a1027..0000000
--- a/modules/aws/acm/README.md
+++ /dev/null
@@ -1,37 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_acm_certificate.cert](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate) | resource | -| [aws_acm_certificate_validation.cert_validation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate_validation) | resource | -| [aws_route53_record.cert_validation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [account](#input\_account) | nullplatform default account slug | `string` | n/a | yes | -| [domain\_name](#input\_domain\_name) | n/a | `string` | n/a | yes | -| [organization](#input\_organization) | nullplatform organization slug | `string` | n/a | yes | -| [zone\_id](#input\_zone\_id) | Route53 Zone ID where certificate will be validated | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [acm\_certificate\_arn](#output\_acm\_certificate\_arn) | The ARN of the ACM certificate | -| [acm\_certificate\_domain\_name](#output\_acm\_certificate\_domain\_name) | The domain name for which the ACM certificate is issued | diff --git a/modules/aws/acm/backend.tf b/modules/aws/acm/backend.tf deleted file mode 100644 index f2702bf..0000000 --- a/modules/aws/acm/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - } -} diff --git a/modules/aws/acm/variables.tf b/modules/aws/acm/variables.tf deleted file mode 100644 index 988c7a8..0000000 --- a/modules/aws/acm/variables.tf +++ /dev/null 
@@ -1,18 +0,0 @@ -variable "zone_id" { - description = "Route53 Zone ID where certificate will be validated" - type = string -} - -variable "domain_name" { - type = string -} - -variable "organization" { - type = string - description = "nullplatform organization slug" -} - -variable "account" { - type = string - description = "nullplatform default account slug" -} diff --git a/modules/aws/alb/.terraform.lock.hcl b/modules/aws/alb/.terraform.lock.hcl deleted file mode 100644 index 3904efc..0000000 --- a/modules/aws/alb/.terraform.lock.hcl +++ /dev/null @@ -1,19 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.87.0" - hashes = [ - "h1:EDxEPPJt3z1s7LPaTfW4skOwStwIKUa4pRvY1U7fb9U=", - "zh:0ff0c91bcb9432ea0ae34f0f05e2bcb27d13e416b055b27dd1839277e7828dab", - "zh:170c075f97104cb40d88e701f3c9eae4dab08f078f6242d23792059db0a9d290", - "zh:49fdaac4023d445827577c036931e4bce1d8cbe9b41356beafe350a2259abd38", - "zh:5ed588793045b865d9bd7a867d25b2d1a815bcd3c318f46268dcdeb518345191", - "zh:6716747fedd73acdacaf6374ad9ca633a211a530da249086f6fb6af3fe9155fa", - "zh:8dae238b36bb4888baa6053b056c5c35382aa946dbbe00022ad9f59d461ba7c6", - "zh:9dcad763c2e7e6b0999044eebbca347a3fcc3e28778fa99f74cc25316d4ea723", - "zh:a86ca3a4f3ce991c7ab9906989ed9f352a3b9b34febb7a82b39fc2b6f12a58f5", - "zh:b964f15192fc89c12510f81bb6980bac19ae39138cdee727b5320757bcefff89", - "zh:cca503c8a46df411dcc482b3d352b522de44fcadfec35611bb7658bcdd785c43", - ] -} diff --git a/modules/aws/alb/balancer.tf b/modules/aws/alb/balancer.tf deleted file mode 100644 index 07b4e2c..0000000 --- a/modules/aws/alb/balancer.tf +++ /dev/null 
@@ -1,73 +0,0 @@ -resource "aws_lb" "null-main-balancer" { - name = substr("null-main-balancer-${var.suffix}", 0, 32) - internal = false - load_balancer_type = "application" - security_groups = [aws_security_group.null-main-balancer.id] - subnets = var.public_subnet_ids -} - - -resource "aws_lb_target_group" "default_target_group" { - name = "default-${var.suffix}-tg" - port = 80 - protocol = "HTTP" - vpc_id = var.vpc_id - health_check { - path = "/health" - protocol = "HTTP" - } -} - -resource "aws_lb_listener" "null-main-listener-http" { - load_balancer_arn = aws_lb.null-main-balancer.arn - port = "80" - protocol = "HTTP" - - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.default_target_group.arn - } -} - -resource "aws_lb_listener" "null-main-listener-https" { - load_balancer_arn = aws_lb.null-main-balancer.arn - port = "443" - protocol = "HTTPS" - ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01" - certificate_arn = var.certificate_arn - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.default_target_group.arn - } -} - -resource "aws_lb" "null-main-balancer-internal" { - name = substr("null-main-balancer-internal-${var.suffix}", 0, 32) - internal = true - load_balancer_type = "application" - security_groups = [aws_security_group.null-main-balancer.id] - subnets = var.private_subnet_ids -} -resource "aws_lb_listener" "null-main-internal-listener-https" { - load_balancer_arn = aws_lb.null-main-balancer-internal.arn - port = "443" - protocol = "HTTPS" - ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01" - certificate_arn = var.certificate_arn - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.default_target_group_internal.arn - } -} - -resource "aws_lb_target_group" "default_target_group_internal" { - name = "default-internal-${var.suffix}-tg" - port = 80 - protocol = "HTTP" - vpc_id = var.vpc_id - health_check { - path = "/health" - protocol = "HTTP" - } -} - 
diff --git a/modules/aws/alb/outputs.tf b/modules/aws/alb/outputs.tf deleted file mode 100644 index a700b2a..0000000 --- a/modules/aws/alb/outputs.tf +++ /dev/null @@ -1,21 +0,0 @@ -output "security_group_ids" { - description = "A list of SGs to attach to ec2 or lambda" - value = [aws_security_group.http-instance.id] -} -output "private_load_balancer_arn" { - description = "The private LB arn" - value = aws_lb.null-main-balancer-internal.arn -} -output "private_load_balancer_listener_arn" { - description = "The private LB Listener arn" - value = aws_lb_listener.null-main-internal-listener-https.arn -} -output "public_load_balancer_arn" { - description = "The public LB arn" - value = aws_lb.null-main-balancer.arn - -} -output "public_load_balancer_listener_arn" { - description = "The public LB listener arn" - value = aws_lb_listener.null-main-listener-https.arn -} diff --git a/modules/aws/alb/security-groups.tf b/modules/aws/alb/security-groups.tf deleted file mode 100644 index 99c909d..0000000 --- a/modules/aws/alb/security-groups.tf +++ /dev/null 
@@ -1,75 +0,0 @@ -resource "aws_security_group" "null-main-balancer" { - vpc_id = var.vpc_id - - tags = { - Name = "load_balancer" - } -} - -resource "aws_vpc_security_group_ingress_rule" "allow_lb_https" { - security_group_id = aws_security_group.null-main-balancer.id - cidr_ipv4 = "0.0.0.0/0" - from_port = 443 - ip_protocol = "tcp" - to_port = 443 -} - -resource "aws_vpc_security_group_ingress_rule" "allow_lb_http" { - security_group_id = aws_security_group.null-main-balancer.id - cidr_ipv4 = "0.0.0.0/0" - from_port = 80 - ip_protocol = "tcp" - to_port = 80 -} - -resource "aws_vpc_security_group_egress_rule" "allow_lb_all" { - security_group_id = aws_security_group.null-main-balancer.id - - cidr_ipv4 = "0.0.0.0/0" - from_port = -1 - ip_protocol = -1 - to_port = -1 -} - -resource "aws_security_group" "http-instance" { - vpc_id = var.vpc_id - - //If you do not add this rule, you can not reach the NGIX - tags = { - Name = "http-instance" - } -} - -resource "aws_vpc_security_group_ingress_rule" "allow_instance_http" { - security_group_id = aws_security_group.http-instance.id - referenced_security_group_id = aws_security_group.null-main-balancer.id - from_port = 80 - ip_protocol = "tcp" - to_port = 80 -} - -resource "aws_vpc_security_group_ingress_rule" "allow_instance_http_default_null" { - security_group_id = aws_security_group.http-instance.id - cidr_ipv4 = var.vpc_cidr - from_port = 8080 - ip_protocol = "tcp" - to_port = 8080 -} - -resource "aws_vpc_security_group_ingress_rule" "allow_instance_ssh" { - security_group_id = aws_security_group.http-instance.id - cidr_ipv4 = var.vpc_cidr - from_port = 22 - ip_protocol = "tcp" - to_port = 22 -} - -resource "aws_vpc_security_group_egress_rule" "allow_instance_all" { - security_group_id = aws_security_group.http-instance.id - - cidr_ipv4 = "0.0.0.0/0" - from_port = -1 - ip_protocol = -1 - to_port = -1 -} - 
diff --git a/modules/aws/alb/variables.tf b/modules/aws/alb/variables.tf deleted file mode 100644 index eab05f1..0000000 --- a/modules/aws/alb/variables.tf +++ /dev/null @@ -1,30 +0,0 @@ -variable "certificate_arn" { - type = string - description = "The certificate arn to use with the LB" -} - -variable "vpc_id" { - type = string - description = "The VPC id where the load balancer will be deployed" -} - -variable "vpc_cidr" { - type = string - description = "The VPC cidr used for the whole setup" -} - -variable "public_subnet_ids" { - type = list(string) - description = "List of public subnet ids to associate to the LB" -} - -variable "private_subnet_ids" { - type = list(string) - description = "List of public subnet ids to associate to the LB" -} - -variable "suffix" { - type = string - description = "A suffix for the bucket name" -} - diff --git a/modules/aws/bucket/README.md b/modules/aws/bucket/README.md deleted file mode 100644 index 69ba628..0000000 --- a/modules/aws/bucket/README.md +++ /dev/null @@ -1,33 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_s3_bucket.bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [name](#input\_name) | the bucket name | `string` | n/a | yes | -| [namespace](#input\_namespace) | nullplatform namespace slug | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [bucket\_arn](#output\_bucket\_arn) | bucket arn | -| [bucket\_id](#output\_bucket\_id) | bucket id | diff --git a/modules/aws/bucket/main.tf b/modules/aws/bucket/main.tf deleted file mode 100644 index d5c9628..0000000 --- a/modules/aws/bucket/main.tf +++ /dev/null 
@@ -1,5 +0,0 @@ -resource "aws_s3_bucket" "bucket" { - bucket = var.name - - force_destroy = true -} diff --git a/modules/aws/bucket/output.tf b/modules/aws/bucket/output.tf deleted file mode 100644 index aee4e69..0000000 --- a/modules/aws/bucket/output.tf +++ /dev/null @@ -1,9 +0,0 @@ -output "bucket_arn" { - description = "bucket arn" - value = aws_s3_bucket.bucket.arn -} - -output "bucket_id" { - description = "bucket id" - value = aws_s3_bucket.bucket.id -} diff --git a/modules/aws/bucket/variables.tf b/modules/aws/bucket/variables.tf deleted file mode 100644 index a49b4ef..0000000 --- a/modules/aws/bucket/variables.tf +++ /dev/null @@ -1,4 +0,0 @@ -variable "name" { - type = string - description = "the bucket name" -} diff --git a/modules/aws/data/iam/eks/trusting/.terraform.lock.hcl b/modules/aws/data/iam/eks/trusting/.terraform.lock.hcl deleted file mode 100644 index e176bcb..0000000 --- a/modules/aws/data/iam/eks/trusting/.terraform.lock.hcl +++ /dev/null @@ -1,19 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.99.1" - hashes = [ - "h1:0jNckFqimGrHhRB88880ovIpmoE20xhjRb94GBdgjwo=", - "zh:13a07422f776dd97214dfa89d6a88340b99613cbb869013c756c1a68fd8cdd9d", - "zh:1841d422278afa25d42a8d3ea9197ad08cf092769bd2aa89056d25d4c2629df8", - "zh:269016c7ba09d76e42fbcf15de28f2de0595ff9a7304a0500011a4493d7a1551", - "zh:2b842c3d0f30e048c05a37752b9c07d316656f3caf79841d08a4f1b057555eb2", - "zh:6559eedc095f70a51460dc702613a9033734ba536c1de1ed86a735a3c8131e40", - "zh:6d43b2676630344db3a7d6ba8330d20993492168f124e19e040a0aa914ec832e", - "zh:7f5d5cb0c1a492080b668f456de50f5b91fc67018c05f12483added3faf703f6", - "zh:c3bb8094bf26565150229f1ca6014d41d1283b8a2b06a15b45cd5a6b4ce82e28", - "zh:e45bc994d0c6e1c0a0b70e8378f2f933e924f05c91061ed2a97ceaf282e08a25", - "zh:ee725d6fbc1dbaa5017e9eab6fa0aa7e107a4ed73a4a8e2acab6b5d3d54cd0e4", - ] -} 
diff --git a/modules/aws/data/iam/eks/trusting/README.md b/modules/aws/data/iam/eks/trusting/README.md deleted file mode 100644 index 55ecf56..0000000 --- a/modules/aws/data/iam/eks/trusting/README.md +++ /dev/null @@ -1,34 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.99.1 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | -| [aws_iam_openid_connect_provider.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_openid_connect_provider) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cluster\_name](#input\_cluster\_name) | Name of the Kubernetes cluster | `string` | n/a | yes | -| [namespace](#input\_namespace) | Kubernetes namespace for the Service account | `string` | n/a | yes | -| [service\_account\_name](#input\_service\_account\_name) | Service account name | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [trusting](#output\_trusting) | n/a | diff --git a/modules/aws/data/iam/eks/trusting/data.tf b/modules/aws/data/iam/eks/trusting/data.tf deleted file mode 100644 index 845880a..0000000 --- a/modules/aws/data/iam/eks/trusting/data.tf +++ /dev/null @@ -1,7 +0,0 @@ -data "aws_eks_cluster" "cluster" { - name = var.cluster_name -} - -data "aws_iam_openid_connect_provider" "eks" { - url = data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer -} \ No newline at end of file diff --git a/modules/aws/data/iam/eks/trusting/output.tf b/modules/aws/data/iam/eks/trusting/output.tf deleted file mode 100644 index 2c4ff89..0000000 --- a/modules/aws/data/iam/eks/trusting/output.tf +++ /dev/null 
@@ -1,20 +0,0 @@ -output "trusting" { - value = { - Version = "2012-10-17" - Statement = [ - { - Action = "sts:AssumeRoleWithWebIdentity" - Effect = "Allow" - Principal = { - Federated = data.aws_iam_openid_connect_provider.eks.arn - } - Condition = { - StringEquals = { - "${replace(data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer, "https://", "")}:sub" = "system:serviceaccount:${var.namespace}:${var.service_account_name}" - "${replace(data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer, "https://", "")}:aud" = "sts.amazonaws.com" - } - } - } - ] - } -} \ No newline at end of file diff --git a/modules/aws/data/iam/eks/trusting/variables.tf b/modules/aws/data/iam/eks/trusting/variables.tf deleted file mode 100644 index 0cbf0a0..0000000 --- a/modules/aws/data/iam/eks/trusting/variables.tf +++ /dev/null @@ -1,14 +0,0 @@ -variable "cluster_name" { - description = "Name of the Kubernetes cluster" - type = string -} - -variable "namespace" { - description = "Kubernetes namespace for the Service account" - type = string -} - -variable "service_account_name" { - description = "Service account name" - type = string -} \ No newline at end of file diff --git a/modules/aws/eks/.terraform.lock.hcl b/modules/aws/eks/.terraform.lock.hcl deleted file mode 100644 index dbfbdd1..0000000 --- a/modules/aws/eks/.terraform.lock.hcl +++ /dev/null 
@@ -1,125 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.99.1" - constraints = ">= 4.0.0, >= 4.33.0, >= 4.57.0, >= 5.95.0, < 6.0.0" - hashes = [ - "h1:xgPyZArCfKVMy8sThzhb0IernbFy0fJGm897ztejZAQ=", - "zh:00b0a61c6d295300f0aa7a79a7d40e9f836164f1fff816d38324c148cd846887", - "zh:1ee9d5ccb67378704642db62113ac6c0d56d69408a9c1afb9a8e14b095fc0733", - "zh:2035977ed418dcb18290785c1eeb79b7133b39f718c470346e043ac48887ffc7", - "zh:67e3ca1bf7061900f81cf958d5c771a2fd6048c2b185bec7b27978349b173a90", - "zh:87fadbe5de7347ede72ad879ff8d8d9334103cd9aa4a321bb086bfac91654944", - "zh:901d170c457c2bff244a2282d9de595bdb3ebecc33a2034c5ce8aafbcff66db9", - "zh:92c07d6cf530679565b87934f9f98604652d787968cce6a3d24c148479b7e34b", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a7d4803b4c5ff17f029f8b270c91480442ece27cec7922c38548bcfea2ac2d26", - "zh:afda848da7993a07d29018ec25ab6feda652e01d4b22721da570ce4fcc005292", - "zh:baaf16c98b81bad070e0908f057a97108ecd6e8c9f754d7a79b18df4c8453279", - "zh:c3dd496c5014427599d6b6b1c14c7ebb09a15df78918ae0be935e7bfa83b894c", - "zh:e2b84c1d40b3f2c4b1d74bf170b9e932983b61bac0e6dab2e36f5057ddcc997f", - "zh:e49c92cb29c53b4573ed4d9c946486e6bcfc1b63f1aee0c79cc7626f3d9add03", - "zh:efae8e339c4b13f546e0f96c42eb95bf8347de22e941594849b12688574bf380", - ] -} - -provider "registry.terraform.io/hashicorp/cloudinit" { - version = "2.3.7" - constraints = ">= 2.0.0" - hashes = [ - "h1:M9TpQxKAE/hyOwytdX9MUNZw30HoD/OXqYIug5fkqH8=", - "zh:06f1c54e919425c3139f8aeb8fcf9bceca7e560d48c9f0c1e3bb0a8ad9d9da1e", - "zh:0e1e4cf6fd98b019e764c28586a386dc136129fef50af8c7165a067e7e4a31d5", - "zh:1871f4337c7c57287d4d67396f633d224b8938708b772abfc664d1f80bd67edd", - "zh:2b9269d91b742a71b2248439d5e9824f0447e6d261bfb86a8a88528609b136d1", - "zh:3d8ae039af21426072c66d6a59a467d51f2d9189b8198616888c1b7fc42addc7", - 
"zh:3ef4e2db5bcf3e2d915921adced43929214e0946a6fb11793085d9a48995ae01", - "zh:42ae54381147437c83cbb8790cc68935d71b6357728a154109d3220b1beb4dc9", - "zh:4496b362605ae4cbc9ef7995d102351e2fe311897586ffc7a4a262ccca0c782a", - "zh:652a2401257a12706d32842f66dac05a735693abcb3e6517d6b5e2573729ba13", - "zh:7406c30806f5979eaed5f50c548eced2ea18ea121e01801d2f0d4d87a04f6a14", - "zh:7848429fd5a5bcf35f6fee8487df0fb64b09ec071330f3ff240c0343fe2a5224", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - ] -} - -provider "registry.terraform.io/hashicorp/kubernetes" { - version = "2.37.1" - constraints = ">= 2.10.0" - hashes = [ - "h1:+37jC6JlkPyPvDHudK3qaj7ZVJ0Zy9zc9+oq8h1WayA=", - "zh:0ed097413c7fc804479e325966886b405dc0b75ad2b4f54ce4df1d8e4802b397", - "zh:17dcf4a685a00d2d048671124e8a1a8e836b58ecd2ef628a1c666fe0ced2e598", - "zh:36891284e5bced57c438f12d0b27856b0d4b70b562bd200b01919a6a89545be9", - "zh:3e49d86b508e641ba122d1b0af24cdc4d8ffa2ec1b30022436fb1d7c6ba696ea", - "zh:40be623e116708bdcb0fac32989db43720f031c5fe9a4dc63395078185d24403", - "zh:44fc0ac3bc39e289b67f9dde7ee9fef29eb8192197e5e68fee69098573021722", - "zh:957aa451573bcde5d57f6f8338ea3139010c7f61fefe8f6a140a8c267f056511", - "zh:c55fd85b7e8acaac17e30670ac3574b88b3530820dd004bcd2a5daa8624a46e9", - "zh:c743f06843a1f5ecde2b8ef639f4d3db654a334ef248dee57261c719ea843f3a", - "zh:c93cc71c64b838d89522ac5fb60f68e0e1e7f2fc39db6b0ead7afd78795e79ed", - "zh:eda1163c2266905adc54bc78cc3e7b606a164fbc6b59be607db933b302015ccd", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.2.4" - constraints = ">= 3.0.0" - hashes = [ - "h1:L5V05xwp/Gto1leRryuesxjMfgZwjb7oool4WS1UEFQ=", - "zh:59f6b52ab4ff35739647f9509ee6d93d7c032985d9f8c6237d1f8a59471bbbe2", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:795c897119ff082133150121d39ff26cb5f89a730a2c8c26f3a9c1abf81a9c43", - 
"zh:7b9c7b16f118fbc2b05a983817b8ce2f86df125857966ad356353baf4bff5c0a", - "zh:85e33ab43e0e1726e5f97a874b8e24820b6565ff8076523cc2922ba671492991", - "zh:9d32ac3619cfc93eb3c4f423492a8e0f79db05fec58e449dee9b2d5873d5f69f", - "zh:9e15c3c9dd8e0d1e3731841d44c34571b6c97f5b95e8296a45318b94e5287a6e", - "zh:b4c2ab35d1b7696c30b64bf2c0f3a62329107bd1a9121ce70683dec58af19615", - "zh:c43723e8cc65bcdf5e0c92581dcbbdcbdcf18b8d2037406a5f2033b1e22de442", - "zh:ceb5495d9c31bfb299d246ab333f08c7fb0d67a4f82681fbf47f2a21c3e11ab5", - "zh:e171026b3659305c558d9804062762d168f50ba02b88b231d20ec99578a6233f", - "zh:ed0fe2acdb61330b01841fa790be00ec6beaac91d41f311fb8254f74eb6a711f", - ] -} - -provider "registry.terraform.io/hashicorp/time" { - version = "0.13.1" - constraints = ">= 0.9.0" - hashes = [ - "h1:ZT5ppCNIModqk3iOkVt5my8b8yBHmDpl663JtXAIRqM=", - "zh:02cb9aab1002f0f2a94a4f85acec8893297dc75915f7404c165983f720a54b74", - "zh:04429b2b31a492d19e5ecf999b116d396dac0b24bba0d0fb19ecaefe193fdb8f", - "zh:26f8e51bb7c275c404ba6028c1b530312066009194db721a8427a7bc5cdbc83a", - "zh:772ff8dbdbef968651ab3ae76d04afd355c32f8a868d03244db3f8496e462690", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:898db5d2b6bd6ca5457dccb52eedbc7c5b1a71e4a4658381bcbb38cedbbda328", - "zh:8de913bf09a3fa7bedc29fec18c47c571d0c7a3d0644322c46f3aa648cf30cd8", - "zh:9402102c86a87bdfe7e501ffbb9c685c32bbcefcfcf897fd7d53df414c36877b", - "zh:b18b9bb1726bb8cfbefc0a29cf3657c82578001f514bcf4c079839b6776c47f0", - "zh:b9d31fdc4faecb909d7c5ce41d2479dd0536862a963df434be4b16e8e4edc94d", - "zh:c951e9f39cca3446c060bd63933ebb89cedde9523904813973fbc3d11863ba75", - "zh:e5b773c0d07e962291be0e9b413c7a22c044b8c7b58c76e8aa91d1659990dfb5", - ] -} - -provider "registry.terraform.io/hashicorp/tls" { - version = "4.1.0" - constraints = ">= 3.0.0" - hashes = [ - "h1:zEv9tY1KR5vaLSyp2lkrucNJ+Vq3c+sTFK9GyQGLtFs=", - "zh:14c35d89307988c835a7f8e26f1b83ce771e5f9b41e407f86a644c0152089ac2", - 
"zh:2fb9fe7a8b5afdbd3e903acb6776ef1be3f2e587fb236a8c60f11a9fa165faa8", - "zh:35808142ef850c0c60dd93dc06b95c747720ed2c40c89031781165f0c2baa2fc", - "zh:35b5dc95bc75f0b3b9c5ce54d4d7600c1ebc96fbb8dfca174536e8bf103c8cdc", - "zh:38aa27c6a6c98f1712aa5cc30011884dc4b128b4073a4a27883374bfa3ec9fac", - "zh:51fb247e3a2e88f0047cb97bb9df7c228254a3b3021c5534e4563b4007e6f882", - "zh:62b981ce491e38d892ba6364d1d0cdaadcee37cc218590e07b310b1dfa34be2d", - "zh:bc8e47efc611924a79f947ce072a9ad698f311d4a60d0b4dfff6758c912b7298", - "zh:c149508bd131765d1bc085c75a870abb314ff5a6d7f5ac1035a8892d686b6297", - "zh:d38d40783503d278b63858978d40e07ac48123a2925e1a6b47e62179c046f87a", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb07f708e3316615f6d218cec198504984c0ce7000b9f1eebff7516e384f4b54", - ] -} diff --git a/modules/aws/eks/README.md b/modules/aws/eks/README.md deleted file mode 100644 index 8401f7e..0000000 --- a/modules/aws/eks/README.md +++ /dev/null 
@@ -1,48 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [eks](#module\_eks) | terraform-aws-modules/eks/aws | ~> 19.0 | - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_policy.nullplatform_metrics_eks_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cluster\_name](#input\_cluster\_name) | The name of the EKS cluster | `string` | n/a | yes | -| [private\_subnets](#input\_private\_subnets) | VPC Private Subnets which EKS cluster is deployed in | `list(any)` | n/a | yes | -| [scope\_manager\_role](#input\_scope\_manager\_role) | Add admin role to the aws-auth configmap | `string` | n/a | yes | -| [telemetry\_manager\_role](#input\_telemetry\_manager\_role) | Add admin role to the aws-auth configmap | `string` | n/a | yes | -| [vpc\_id](#input\_vpc\_id) | VPC ID which EKS cluster is deployed in | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [cluster\_arn](#output\_cluster\_arn) | The Amazon Resource Name (ARN) of the cluster | -| [cluster\_certificate\_authority\_data](#output\_cluster\_certificate\_authority\_data) | Base64 encoded certificate data required to communicate with the cluster | -| [cluster\_endpoint](#output\_cluster\_endpoint) | Endpoint for your Kubernetes API server | -| [cluster\_id](#output\_cluster\_id) | The ID of the EKS cluster. 
Note: currently a value is returned only for local EKS clusters created on Outposts | -| [cluster\_name](#output\_cluster\_name) | The name of the EKS cluster | -| [cluster\_oidc\_issuer\_url](#output\_cluster\_oidc\_issuer\_url) | The URL on the EKS cluster for the OpenID Connect identity provider | -| [cluster\_platform\_version](#output\_cluster\_platform\_version) | Platform version for the cluster | -| [cluster\_security\_group\_id](#output\_cluster\_security\_group\_id) | Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. Referred to as 'Cluster security group' in the EKS console | -| [cluster\_status](#output\_cluster\_status) | Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED` | -| [cluster\_tls\_certificate\_sha1\_fingerprint](#output\_cluster\_tls\_certificate\_sha1\_fingerprint) | The SHA1 fingerprint of the public key of the cluster's certificate | -| [oidc\_provider](#output\_oidc\_provider) | The OpenID Connect identity provider (issuer URL without leading `https://`) | -| [oidc\_provider\_arn](#output\_oidc\_provider\_arn) | The ARN of the OIDC Provider if `enable_irsa = true` | diff --git a/modules/aws/eks/backend.tf b/modules/aws/eks/backend.tf deleted file mode 100644 index f2702bf..0000000 --- a/modules/aws/eks/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - } -} diff --git a/modules/aws/eks/iam.tf b/modules/aws/eks/iam.tf deleted file mode 100644 index c80c10b..0000000 --- a/modules/aws/eks/iam.tf +++ /dev/null 
@@ -1,144 +0,0 @@
-resource "aws_iam_policy" "nullplatform_metrics_eks_policy" {
- provider = aws
- name = "nullplatform-eks-cw-api-policy"
- description = "Policy for managing CloudWatch metrics and logs from Kubernetes"
- policy = jsonencode({
- Version = "2012-10-17",
- Statement = [
- {
- Effect = "Allow",
- Action = [
- "ec2:DescribeInstances",
- "cloudwatch:GetMetricData",
- "cloudwatch:ListMetrics",
- "logs:Describe*",
- "logs:Get*",
- "logs:List*",
- "logs:StartQuery",
- "logs:StopQuery",
- "logs:TestMetricFilter",
- "logs:FilterLogEvents"
- ],
- Resource = "*"
- }
- ]
- })
-}
-
-resource "aws_iam_policy" "ebs_csi_policy" {
- name = "ebs-csi-policy"
- description = "Policy for EBS CSI driver"
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Action = [
- "ec2:CreateSnapshot",
- "ec2:AttachVolume",
- "ec2:DetachVolume",
- "ec2:ModifyVolume",
- "ec2:DescribeAvailabilityZones",
- "ec2:DescribeInstances",
- "ec2:DescribeSnapshots",
- "ec2:DescribeTags",
- "ec2:DescribeVolumes",
- "ec2:DescribeVolumesModifications"
- ]
- Resource = "*"
- },
- {
- Effect = "Allow"
- Action = [
- "ec2:CreateTags"
- ]
- Resource = [
- "arn:aws:ec2:*:*:volume/*",
- "arn:aws:ec2:*:*:snapshot/*"
- ]
- Condition = {
- StringEquals = {
- "ec2:CreateAction" = [
- "CreateVolume",
- "CreateSnapshot"
- ]
- }
- }
- },
- {
- Effect = "Allow"
- Action = [
- "ec2:DeleteTags"
- ]
- Resource = [
- "arn:aws:ec2:*:*:volume/*",
- "arn:aws:ec2:*:*:snapshot/*"
- ]
- },
- {
- Effect = "Allow"
- Action = [
- "ec2:CreateVolume"
- ]
- Resource = "*"
- Condition = {
- StringLike = {
- "aws:RequestTag/ebs.csi.aws.com/cluster" : "true"
- }
- }
- },
- {
- Effect = "Allow"
- Action = [
- "ec2:CreateVolume"
- ]
- Resource = "*"
- Condition = {
- StringLike = {
- "aws:RequestTag/CSIVolumeName" : "*"
- }
- }
- },
- {
- Effect = "Allow"
- Action = [
- "ec2:DeleteVolume"
- ]
- Resource = "*"
- Condition = {
- StringLike = {
- "ec2:ResourceTag/CSIVolumeName" : "*"
- }
- }
- },
- {
- Effect = "Allow"
- Action = [
- "ec2:DeleteVolume"
- ]
- Resource = "*"
- Condition = {
- StringLike = {
- "ec2:ResourceTag/ebs.csi.aws.com/cluster" : "true"
- }
- }
- }
- ]
- })
-}
-
-module "ebs_csi_irsa" {
- source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
- version = "~> 5.0"
-
- role_name_prefix = "ebs-csi-"
- attach_ebs_csi_policy = true
-
- oidc_providers = {
- main = {
- provider_arn = module.eks.oidc_provider_arn
- namespace_service_accounts = ["kube-system:ebs-csi-controller-sa"]
- }
- }
- role_permissions_boundary_arn = var.iam_role_permissions_boundary
-}
diff --git a/modules/aws/eks/main.tf b/modules/aws/eks/main.tf
deleted file mode 100644
index 7825d50..0000000
--- a/modules/aws/eks/main.tf
+++ /dev/null
@@ -1,73 +0,0 @@
-module "eks" {
- source = "terraform-aws-modules/eks/aws"
- version = "~> 19.0"
-
- cluster_name = var.cluster_name
- cluster_version = "1.31"
-
- providers = {
- aws = aws
- }
-
- cluster_endpoint_public_access = true
-
- create_kms_key = false
- create_cloudwatch_log_group = false
- cluster_encryption_config = {}
-
- cluster_addons = {
- coredns = {
- most_recent = true
- }
- kube-proxy = {
- most_recent = true
- }
- vpc-cni = {
- most_recent = true
- }
- aws-ebs-csi-driver = {
- most_recent = true
- service_account_role_arn = module.ebs_csi_irsa.iam_role_arn
- }
- }
-
- vpc_id = var.vpc_id
- subnet_ids = var.private_subnets
- control_plane_subnet_ids = var.private_subnets
-
- eks_managed_node_group_defaults = {
- instance_types = ["m5.xlarge", "m5.large", "t3.medium"]
- iam_role_additional_policies = {
- AmazonEBSCSIDriverPolicy = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy",
- CloudwatchLogs = aws_iam_policy.nullplatform_metrics_eks_policy.arn
- }
- }
-
- eks_managed_node_groups = {
- default = {
- min_size = 1
- max_size = 10
- desired_size = 2
- iam_role_permissions_boundary = var.iam_role_permissions_boundary
- }
-
- }
-
- manage_aws_auth_configmap = true
-
- aws_auth_roles = [
- {
- rolearn = var.scope_manager_role
- username = "scope_manager_role"
- groups = ["system:masters"]
- },
- {
- rolearn = var.telemetry_manager_role
- username = "telemetry_manager_role"
- groups = ["eks:k8s-metrics", "np:pod-reader", "system:masters"]
- }
- ]
- iam_role_permissions_boundary = var.iam_role_permissions_boundary
-}
-
-
diff --git a/modules/aws/eks/outputs.tf b/modules/aws/eks/outputs.tf
deleted file mode 100644
index 51520cc..0000000
--- a/modules/aws/eks/outputs.tf
+++ /dev/null
@@ -1,60 +0,0 @@
-output "cluster_arn" {
- description = "The Amazon Resource Name (ARN) of the cluster"
- value = module.eks.cluster_arn
-}
-
-output "cluster_certificate_authority_data" {
- description = "Base64 encoded certificate data required to communicate with the cluster"
- value = module.eks.cluster_certificate_authority_data
-}
-
-output "cluster_endpoint" {
- description = "Endpoint for your Kubernetes API server"
- value = module.eks.cluster_endpoint
-}
-
-output "cluster_id" {
- description = "The ID of the EKS cluster. Note: currently a value is returned only for local EKS clusters created on Outposts"
- value = module.eks.cluster_id
-}
-
-output "cluster_name" {
- description = "The name of the EKS cluster"
- value = module.eks.cluster_name
-}
-
-output "cluster_oidc_issuer_url" {
- description = "The URL on the EKS cluster for the OpenID Connect identity provider"
- value = module.eks.cluster_oidc_issuer_url
-}
-
-output "cluster_platform_version" {
- description = "Platform version for the cluster"
- value = module.eks.cluster_platform_version
-}
-
-output "cluster_status" {
- description = "Status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`"
- value = module.eks.cluster_status
-}
-
-output "cluster_security_group_id" {
- description = "Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. Referred to as 'Cluster security group' in the EKS console"
- value = module.eks.cluster_security_group_id
-}
-
-output "oidc_provider" {
- description = "The OpenID Connect identity provider (issuer URL without leading `https://`)"
- value = module.eks.oidc_provider
-}
-
-output "oidc_provider_arn" {
- description = "The ARN of the OIDC Provider if `enable_irsa = true`"
- value = module.eks.oidc_provider_arn
-}
-
-output "cluster_tls_certificate_sha1_fingerprint" {
- description = "The SHA1 fingerprint of the public key of the cluster's certificate"
- value = module.eks.cluster_tls_certificate_sha1_fingerprint
-}
-
diff --git a/modules/aws/eks/variables.tf b/modules/aws/eks/variables.tf
deleted file mode 100644
index e1ffb39..0000000
--- a/modules/aws/eks/variables.tf
+++ /dev/null
@@ -1,30 +0,0 @@
-variable "vpc_id" {
- description = "VPC ID which EKS cluster is deployed in"
- type = string
-}
-
-variable "private_subnets" {
- description = "VPC Private Subnets which EKS cluster is deployed in"
- type = list(any)
-}
-
-variable "cluster_name" {
- type = string
- description = "The name of the EKS cluster"
-}
-
-variable "scope_manager_role" {
- type = string
- description = "Add admin role to the aws-auth configmap"
-}
-
-variable "telemetry_manager_role" {
- type = string
- description = "Add admin role to the aws-auth configmap"
-}
-
-variable "iam_role_permissions_boundary" {
- description = "ARN of the policy that is used to set the permissions boundary for the IAM role"
- type = string
- default = null
-}
\ No newline at end of file
diff --git a/modules/aws/iam/roles/nullplatform/.terraform.lock.hcl b/modules/aws/iam/roles/nullplatform/.terraform.lock.hcl
deleted file mode 100644
index 3904efc..0000000
--- a/modules/aws/iam/roles/nullplatform/.terraform.lock.hcl
+++ /dev/null
@@ -1,19 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.87.0" - hashes = [ - "h1:EDxEPPJt3z1s7LPaTfW4skOwStwIKUa4pRvY1U7fb9U=", - "zh:0ff0c91bcb9432ea0ae34f0f05e2bcb27d13e416b055b27dd1839277e7828dab", - "zh:170c075f97104cb40d88e701f3c9eae4dab08f078f6242d23792059db0a9d290", - "zh:49fdaac4023d445827577c036931e4bce1d8cbe9b41356beafe350a2259abd38", - "zh:5ed588793045b865d9bd7a867d25b2d1a815bcd3c318f46268dcdeb518345191", - "zh:6716747fedd73acdacaf6374ad9ca633a211a530da249086f6fb6af3fe9155fa", - "zh:8dae238b36bb4888baa6053b056c5c35382aa946dbbe00022ad9f59d461ba7c6", - "zh:9dcad763c2e7e6b0999044eebbca347a3fcc3e28778fa99f74cc25316d4ea723", - "zh:a86ca3a4f3ce991c7ab9906989ed9f352a3b9b34febb7a82b39fc2b6f12a58f5", - "zh:b964f15192fc89c12510f81bb6980bac19ae39138cdee727b5320757bcefff89", - "zh:cca503c8a46df411dcc482b3d352b522de44fcadfec35611bb7658bcdd785c43", - ] -} diff --git a/modules/aws/iam/roles/nullplatform/README.md b/modules/aws/iam/roles/nullplatform/README.md deleted file mode 100644 index 884faa4..0000000 --- a/modules/aws/iam/roles/nullplatform/README.md +++ /dev/null 
@@ -1,74 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_access_key.nullplatform_build_workflow_user_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource | -| [aws_iam_instance_profile.null-instance-profile](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource | -| [aws_iam_policy.ecr-nullimages-read](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.lambda-execution](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.null-aws-logs-enablement](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.null-params-read](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform-assets-write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_alb_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_asg_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_ecr_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_ecr_write_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| 
[aws_iam_policy.nullplatform_eks_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_lambda_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_metrics_api_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_params_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.nullplatform_route53_manager_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy_attachment.null-instance-lambda-execution-attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource | -| [aws_iam_policy_attachment.null-instance-role-aws-logs-enablement](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource | -| [aws_iam_policy_attachment.null-instance-role-ecr-attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource | -| [aws_iam_policy_attachment.null-instance-role-s3-parameters-read-attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource | -| [aws_iam_role.null-instance-role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role.nullplatform_application_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role.nullplatform_scope_workflow_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| 
[aws_iam_role.nullplatform_telemetry_manager_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_user.nullplatform_build_workflow_user](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource | -| [aws_iam_user_policy.nullplatform_build_workflow_user_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy) | resource | -| [aws_iam_user_policy.nullplatform_build_workflow_user_policy_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [application\_manager\_assume\_role](#input\_application\_manager\_assume\_role) | n/a | `string` | `"arn:aws:iam::283477532906:role/application_manager"` | no | -| [assets\_bucket\_arns](#input\_assets\_bucket\_arns) | Assets bucket arn | `list(string)` | n/a | yes | -| [parameters\_bucket\_arns](#input\_parameters\_bucket\_arns) | Parameters bucket arn | `list(string)` | n/a | yes | -| [parameters\_encryption\_arns](#input\_parameters\_encryption\_arns) | Parameters secret arn | `list(string)` | n/a | yes | -| [scope\_manager\_assume\_role](#input\_scope\_manager\_assume\_role) | n/a | `string` | `"arn:aws:iam::283477532906:role/scope_and_deploy_manager"` | no | -| [telemetry\_manager\_assume\_role](#input\_telemetry\_manager\_assume\_role) | n/a | `string` | `"arn:aws:iam::283477532906:role/telemetry_manager"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [nullplatform\_application\_role\_arn](#output\_nullplatform\_application\_role\_arn) | The ARN of the null-application-role | -| [nullplatform\_build\_workflow\_user\_access\_key\_id](#output\_nullplatform\_build\_workflow\_user\_access\_key\_id) | The access key ID for the null-build-workflow-user | -| 
[nullplatform\_build\_workflow\_user\_name](#output\_nullplatform\_build\_workflow\_user\_name) | The name of the null-build-workflow-user | -| [nullplatform\_build\_workflow\_user\_secret\_access\_key](#output\_nullplatform\_build\_workflow\_user\_secret\_access\_key) | The secret access key for the null-build-workflow-user | -| [nullplatform\_ecr\_manager\_policy\_arn](#output\_nullplatform\_ecr\_manager\_policy\_arn) | The ARN of the np-ecr-manager-policy | -| [nullplatform\_ecr\_write\_policy\_arn](#output\_nullplatform\_ecr\_write\_policy\_arn) | The ARN of the np-ecr-write-policy | -| [nullplatform\_eks\_manager\_policy\_arn](#output\_nullplatform\_eks\_manager\_policy\_arn) | The ARN of the np-eks-manager-policy | -| [nullplatform\_instance\_profile\_arn](#output\_nullplatform\_instance\_profile\_arn) | The ARN of the instance arn | -| [nullplatform\_metrics\_api\_policy\_arn](#output\_nullplatform\_metrics\_api\_policy\_arn) | The ARN of the np-metrics-api-policy | -| [nullplatform\_role\_arn](#output\_nullplatform\_role\_arn) | The IAM Role arn used for Lambda and EC2 | -| [nullplatform\_route53\_manager\_policy\_arn](#output\_nullplatform\_route53\_manager\_policy\_arn) | The ARN of the np-route53-manager-policy | -| [nullplatform\_scope\_workflow\_role\_arn](#output\_nullplatform\_scope\_workflow\_role\_arn) | The ARN of the null-scope-workflow-role | -| [nullplatform\_telemetry\_manager\_role\_arn](#output\_nullplatform\_telemetry\_manager\_role\_arn) | The ARN of the null-telemetry-manager-role | diff --git a/modules/aws/iam/roles/nullplatform/backend.tf b/modules/aws/iam/roles/nullplatform/backend.tf deleted file mode 100644 index f2702bf..0000000 --- a/modules/aws/iam/roles/nullplatform/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - } -} 
diff --git a/modules/aws/iam/roles/nullplatform/execution-role.tf b/modules/aws/iam/roles/nullplatform/execution-role.tf deleted file mode 100644 index 0e57757..0000000 --- a/modules/aws/iam/roles/nullplatform/execution-role.tf +++ /dev/null @@ -1,164 +0,0 @@ -resource "aws_iam_role" "null-instance-role" { - name = "null-instance-role" - assume_role_policy = < [aws](#provider\_aws) | 5.87.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_route53_zone.private_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource | -| [aws_route53_zone.public_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [domain\_name](#input\_domain\_name) | n/a | `string` | n/a | yes | -| [vpcs](#input\_vpcs) | VPC ID which the hosted zone should be associated with |
map(object({
vpc_id = string
vpc_region = string
}))
| n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [private\_zone\_id](#output\_private\_zone\_id) | The ID of the Private Route 53 Hosted Zone | -| [private\_zone\_name](#output\_private\_zone\_name) | The domain name of the Private Route 53 Hosted Zone | -| [public\_zone\_id](#output\_public\_zone\_id) | The ID of the Public Route 53 Hosted Zone | -| [public\_zone\_name](#output\_public\_zone\_name) | The domain name of the Public Route 53 Hosted Zone | diff --git a/modules/aws/route53/backend.tf b/modules/aws/route53/backend.tf deleted file mode 100644 index f2702bf..0000000 --- a/modules/aws/route53/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - } -} diff --git a/modules/aws/route53/main.tf b/modules/aws/route53/main.tf deleted file mode 100644 index a9a9453..0000000 --- a/modules/aws/route53/main.tf +++ /dev/null @@ -1,24 +0,0 @@ -resource "aws_route53_zone" "public_zone" { - name = var.domain_name - provider = aws - tags = { - name = "${var.domain_name} - Public Zone" - } -} - -resource "aws_route53_zone" "private_zone" { - name = var.domain_name - provider = aws - - dynamic "vpc" { - for_each = var.vpcs - content { - vpc_id = vpc.value.vpc_id - vpc_region = vpc.value.vpc_region - } - } - - tags = { - name = "${var.domain_name} - Private Zone" - } -} diff --git a/modules/aws/route53/variables.tf b/modules/aws/route53/variables.tf deleted file mode 100644 index 5ed8228..0000000 --- a/modules/aws/route53/variables.tf +++ /dev/null @@ -1,11 +0,0 @@ -variable "vpcs" { - description = "VPC ID which the hosted zone should be associated with" - type = map(object({ - vpc_id = string - vpc_region = string - })) -} - -variable "domain_name" { - type = string -} diff --git a/modules/aws/secret/README.md b/modules/aws/secret/README.md deleted file mode 100644 index 980540e..0000000 --- a/modules/aws/secret/README.md +++ /dev/null 
@@ -1,35 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | -| [random](#provider\_random) | 3.6.3 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_secretsmanager_secret.nullservice_params_encryption](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource | -| [aws_secretsmanager_secret_version.encryption_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource | -| [random_uuid.encryption_key](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/uuid) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [name](#input\_name) | the bucket name | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [parameters\_encryption](#output\_parameters\_encryption) | Secret manager arn to encrypt parameters into parameters bucket | -| [parameters\_encryption\_arn](#output\_parameters\_encryption\_arn) | Secret manager arn to encrypt parameters into parameters bucket | diff --git a/modules/aws/secret/backend.tf b/modules/aws/secret/backend.tf deleted file mode 100644 index f2702bf..0000000 --- a/modules/aws/secret/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - } -} diff --git a/modules/aws/secret/main.tf b/modules/aws/secret/main.tf deleted file mode 100644 index 172bb6a..0000000 --- a/modules/aws/secret/main.tf +++ /dev/null 
@@ -1,19 +0,0 @@ -resource "random_uuid" "encryption_key" { -} - -resource "aws_secretsmanager_secret" "nullservice_params_encryption" { - name = "nullservice/params-${var.name}" - - force_overwrite_replica_secret = true - recovery_window_in_days = 0 - -} - -resource "aws_secretsmanager_secret_version" "encryption_key" { - secret_id = aws_secretsmanager_secret.nullservice_params_encryption.id - secret_string = < [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | n/a | - -## Resources - -No resources. - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [suffix](#input\_suffix) | A suffix for the bucket name | `string` | n/a | yes | -| [vpc](#input\_vpc) | A VPC with public and private subnets | `any` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [private\_subnet\_arns](#output\_private\_subnet\_arns) | List of ARNs of private subnets | -| [private\_subnets](#output\_private\_subnets) | List of IDs of private subnets | -| [private\_subnets\_cidr\_blocks](#output\_private\_subnets\_cidr\_blocks) | List of cidr\_blocks of private subnets | -| [public\_subnets](#output\_public\_subnets) | List of IDs of public subnets | -| [vpc\_arn](#output\_vpc\_arn) | The ARN of the VPC | -| [vpc\_id](#output\_vpc\_id) | The ID of the VPC | diff --git a/modules/aws/vpc/backend.tf b/modules/aws/vpc/backend.tf deleted file mode 100644 index f2702bf..0000000 --- a/modules/aws/vpc/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - } -} diff --git a/modules/aws/vpc/output.tf b/modules/aws/vpc/output.tf deleted file mode 100644 index 48a6950..0000000 --- a/modules/aws/vpc/output.tf +++ /dev/null 
@@ -1,30 +0,0 @@
-output "vpc_id" {
- description = "The ID of the VPC"
- value = module.vpc.vpc_id
-}
-
-output "vpc_arn" {
- description = "The ARN of the VPC"
- value = module.vpc.vpc_arn
-}
-
-output "public_subnets" {
- description = "List of IDs of public subnets"
- value = module.vpc.public_subnets
-}
-
-output "private_subnets" {
- description = "List of IDs of private subnets"
- value = module.vpc.private_subnets
-}
-
-output "private_subnet_arns" {
- description = "List of ARNs of private subnets"
- value = module.vpc.private_subnet_arns
-}
-
-output "private_subnets_cidr_blocks" {
- description = "List of cidr_blocks of private subnets"
- value = module.vpc.private_subnets_cidr_blocks
-}
-
diff --git a/modules/aws/vpc/variables.tf b/modules/aws/vpc/variables.tf
deleted file mode 100644
index 7a1dda6..0000000
--- a/modules/aws/vpc/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-variable "vpc" {
- description = "A VPC with public and private subnets"
-}
-
-variable "suffix" {
- type = string
- description = "A suffix for the bucket name"
-}
diff --git a/modules/gcp/README.md b/modules/gcp/README.md
deleted file mode 100644
index 5ca9045..0000000
--- a/modules/gcp/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/gcp/bucket/README.md b/modules/gcp/bucket/README.md
deleted file mode 100644
index 05affcd..0000000
--- a/modules/gcp/bucket/README.md
+++ /dev/null
@@ -1,36 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [google](#provider\_google) | 6.19.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [google_storage_bucket.bucket](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [max\_accepted\_versions](#input\_max\_accepted\_versions) | Maximum number of versions of a bucket | `number` | `10` | no | -| [max\_days\_in\_bucket](#input\_max\_days\_in\_bucket) | Number of days before objects automatically expire | `number` | `30` | no | -| [name](#input\_name) | Name of the bucket | `string` | n/a | yes | -| [region](#input\_region) | Region of the bucket | `string` | n/a | yes | -| [storage\_class](#input\_storage\_class) | Storage class of the bucket (e.g., STANDARD, NEARLINE, COLDLINE, ARCHIVE) | `string` | `"STANDARD"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [bucket\_versioning\_status](#output\_bucket\_versioning\_status) | Indicates whether versioning is enabled | -| [created\_bucket\_name](#output\_created\_bucket\_name) | Name of the bucket created in GCP | diff --git a/modules/gcp/bucket/main.tf b/modules/gcp/bucket/main.tf deleted file mode 100644 index fc39a4f..0000000 --- a/modules/gcp/bucket/main.tf +++ /dev/null @@ -1,29 +0,0 @@ -resource "google_storage_bucket" "bucket" { - name = var.name - location = var.region - force_destroy = true - storage_class = var.storage_class - uniform_bucket_level_access = true - - versioning { - enabled = true - } - - lifecycle_rule { - action { - type = "Delete" - } - condition { - age = var.max_days_in_bucket - } - } - - lifecycle_rule { - action { - type = "Delete" - } - condition { - num_newer_versions = var.max_accepted_versions - } - } -} 
diff --git a/modules/gcp/bucket/outputs.tf b/modules/gcp/bucket/outputs.tf
deleted file mode 100644
index 7130392..0000000
--- a/modules/gcp/bucket/outputs.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-output "created_bucket_name" {
- value = google_storage_bucket.bucket.name
- description = "Name of the bucket created in GCP"
-}
-
-output "bucket_versioning_status" {
- value = google_storage_bucket.bucket.versioning[0].enabled
- description = "Indicates whether versioning is enabled"
-}
diff --git a/modules/gcp/bucket/variables.tf b/modules/gcp/bucket/variables.tf
deleted file mode 100644
index 2e287d2..0000000
--- a/modules/gcp/bucket/variables.tf
+++ /dev/null
@@ -1,28 +0,0 @@
-variable "name" {
- description = "Name of the bucket"
- type = string
-}
-
-variable "region" {
- description = "Region of the bucket"
- type = string
-}
-
-variable "storage_class" {
- description = "Storage class of the bucket (e.g., STANDARD, NEARLINE, COLDLINE, ARCHIVE)"
- type = string
- default = "STANDARD"
-}
-
-variable "max_days_in_bucket" {
- description = "Number of days before objects automatically expire"
- type = number
- default = 30
-}
-
-variable "max_accepted_versions" {
- description = "Maximum number of versions of a bucket"
- type = number
- default = 10
-}
-
diff --git a/modules/gcp/dns/README.md b/modules/gcp/dns/README.md
deleted file mode 100644
index 4086c43..0000000
--- a/modules/gcp/dns/README.md
+++ /dev/null
@@ -1,35 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [google](#provider\_google) | 6.19.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [google_dns_managed_zone.private-zone](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone) | resource | -| [google_dns_managed_zone.public-zone](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [network\_id](#input\_network\_id) | The id of the network to associate the private dns | `string` | n/a | yes | -| [private\_domain\_name](#input\_private\_domain\_name) | The name of the private domain | `string` | n/a | yes | -| [public\_domain\_name](#input\_public\_domain\_name) | The name of the public domain | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [private\_domain\_name](#output\_private\_domain\_name) | n/a | -| [public\_domain\_name](#output\_public\_domain\_name) | n/a | diff --git a/modules/gcp/dns/locals.tf b/modules/gcp/dns/locals.tf deleted file mode 100644 index 65415cb..0000000 --- a/modules/gcp/dns/locals.tf +++ /dev/null @@ -1,3 +0,0 @@ -locals { - description = "Nullplatform delegation" -} diff --git a/modules/gcp/dns/main.tf b/modules/gcp/dns/main.tf deleted file mode 100644 index 588386b..0000000 --- a/modules/gcp/dns/main.tf +++ /dev/null 
@@ -1,19 +0,0 @@
-resource "google_dns_managed_zone" "public-zone" {
- name = replace(var.public_domain_name, ".", "-")
- dns_name = "${var.public_domain_name}."
- description = local.description
-}
-
-resource "google_dns_managed_zone" "private-zone" {
- name = replace(var.private_domain_name, ".", "-")
- dns_name = "${var.private_domain_name}."
- description = local.description
-
- visibility = "private"
-
- private_visibility_config {
- networks {
- network_url = var.network_id
- }
- }
-}
diff --git a/modules/gcp/dns/output.tf b/modules/gcp/dns/output.tf
deleted file mode 100644
index d1c3806..0000000
--- a/modules/gcp/dns/output.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-output "public_domain_name" {
- value = google_dns_managed_zone.public-zone.name
-}
-
-output "private_domain_name" {
- value = google_dns_managed_zone.private-zone.name
-}
diff --git a/modules/gcp/dns/variables.tf b/modules/gcp/dns/variables.tf
deleted file mode 100644
index 428181f..0000000
--- a/modules/gcp/dns/variables.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-variable "public_domain_name" {
- type = string
- description = "The name of the public domain"
-}
-
-variable "private_domain_name" {
- type = string
- description = "The name of the private domain"
-}
-
-variable "network_id" {
- type = string
- description = "The id of the network to associate the private dns"
-}
diff --git a/modules/gcp/gke/README.md b/modules/gcp/gke/README.md
deleted file mode 100644
index 069787c..0000000
--- a/modules/gcp/gke/README.md
+++ /dev/null
@@ -1,45 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [google](#provider\_google) | 6.19.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [google_container_cluster.gke](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) | resource | -| [google_project_iam_member.gke_artifact_access](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource | -| [google_service_account.gke_service_account](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cluster\_name](#input\_cluster\_name) | value for the GKE cluster name | `string` | n/a | yes | -| [deletion\_protection](#input\_deletion\_protection) | value for the GKE cluster deletion protection | `bool` | `false` | no | -| [disk\_size\_gb](#input\_disk\_size\_gb) | n/a | `number` | `20` | no | -| [environment](#input\_environment) | Environment for the GKE cluster (e.g., dev, stg, prod) | `string` | n/a | yes | -| [initial\_node\_count](#input\_initial\_node\_count) | n/a | `number` | `3` | no | -| [machine\_type](#input\_machine\_type) | n/a | `string` | `"e2-medium"` | no | -| [network\_id](#input\_network\_id) | Network ID for the GKE cluster | `string` | n/a | yes | -| [node\_count](#input\_node\_count) | n/a | `number` | `3` | no | -| [project\_id](#input\_project\_id) | Project ID for the GKE cluster | `string` | n/a | yes | -| [region](#input\_region) | Region for the GKE cluster | `string` | n/a | yes | -| [subnet\_id](#input\_subnet\_id) | Subnet ID for the GKE cluster | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [cluster\_ca\_certificate](#output\_cluster\_ca\_certificate) | n/a | -| 
[cluster\_endpoint](#output\_cluster\_endpoint) | n/a | -| [name](#output\_name) | n/a | diff --git a/modules/gcp/gke/main.tf b/modules/gcp/gke/main.tf deleted file mode 100644 index 7a619da..0000000 --- a/modules/gcp/gke/main.tf +++ /dev/null @@ -1,31 +0,0 @@ -resource "google_container_cluster" "gke" { - name = "${var.cluster_name}-${var.environment}" - location = var.region - - deletion_protection = var.deletion_protection - - network = var.network_id - subnetwork = var.subnet_id - - initial_node_count = var.initial_node_count - - node_config { - disk_size_gb = var.disk_size_gb - machine_type = var.machine_type - service_account = google_service_account.gke_service_account.email - oauth_scopes = ["https://www.googleapis.com/auth/cloud-platform"] - - } -} - -resource "google_project_iam_member" "gke_artifact_access" { - project = var.project_id - role = "roles/artifactregistry.reader" - member = "serviceAccount:${google_service_account.gke_service_account.email}" -} - -resource "google_service_account" "gke_service_account" { - account_id = "nullplatform-gke-sa" - display_name = "Nullplatform GKE Service Account" -} - diff --git a/modules/gcp/gke/outputs.tf b/modules/gcp/gke/outputs.tf deleted file mode 100644 index a525f38..0000000 --- a/modules/gcp/gke/outputs.tf +++ /dev/null @@ -1,11 +0,0 @@ -output "cluster_endpoint" { - value = google_container_cluster.gke.endpoint -} - -output "cluster_ca_certificate" { - value = base64decode(google_container_cluster.gke.master_auth[0].cluster_ca_certificate) -} - -output "name" { - value = google_container_cluster.gke.name -} diff --git a/modules/gcp/gke/variables.tf b/modules/gcp/gke/variables.tf deleted file mode 100644 index 5754de7..0000000 --- a/modules/gcp/gke/variables.tf +++ /dev/null 
@@ -1,55 +0,0 @@
-variable "project_id" {
- type = string
- description = "Project ID for the GKE cluster"
-}
-
-variable "region" {
- type = string
- description = "Region for the GKE cluster"
-}
-
-variable "cluster_name" {
- type = string
- description = "value for the GKE cluster name"
-}
-
-variable "network_id" {
- type = string
- description = "Network ID for the GKE cluster"
-}
-
-variable "subnet_id" {
- type = string
- description = "Subnet ID for the GKE cluster"
-}
-
-variable "node_count" {
- type = number
- default = 3
-}
-
-variable "disk_size_gb" {
- type = number
- default = 20
-}
-
-variable "machine_type" {
- type = string
- default = "e2-medium"
-}
-
-variable "environment" {
- description = "Environment for the GKE cluster (e.g., dev, stg, prod)"
- type = string
-}
-
-variable "initial_node_count" {
- type = number
- default = 3
-}
-
-variable "deletion_protection" {
- type = bool
- default = false
- description = "value for the GKE cluster deletion protection"
-}
diff --git a/modules/gcp/registry/README.md b/modules/gcp/registry/README.md
deleted file mode 100644
index f3354f1..0000000
--- a/modules/gcp/registry/README.md
+++ /dev/null
@@ -1,33 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [google](#provider\_google) | n/a |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [google_artifact_registry_repository.registry](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/artifact_registry_repository) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [name](#input\_name) | The repository name | `string` | `"nullplatform-central-repository"` | no |
-| [project\_id](#input\_project\_id) | GCP project id | `string` | n/a | yes |
-| [region](#input\_region) | Region name | `string` | n/a | yes |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [repository\_name](#output\_repository\_name) | n/a |
diff --git a/modules/gcp/registry/artifact-registry.tf b/modules/gcp/registry/artifact-registry.tf
deleted file mode 100644
index e8b75b5..0000000
--- a/modules/gcp/registry/artifact-registry.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-resource "google_artifact_registry_repository" "registry" {
- project = var.project_id
- location = var.region
- repository_id = var.name
- format = "DOCKER"
-
- labels = {
- environment = "global"
- }
-}
diff --git a/modules/gcp/registry/output.tf b/modules/gcp/registry/output.tf
deleted file mode 100644
index 9af2201..0000000
--- a/modules/gcp/registry/output.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "repository_name" {
- value = var.name
-}
diff --git a/modules/gcp/registry/variable.tf b/modules/gcp/registry/variable.tf
deleted file mode 100644
index c5c0f63..0000000
--- a/modules/gcp/registry/variable.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-variable "project_id" {
- type = string
- description = "GCP project id"
-}
-
-variable "region" {
- type = string
- description = "Region name"
-}
-
-variable "name" {
- type = string
- description = "The repository name"
- default = "nullplatform-central-repository"
-}
diff --git a/modules/gcp/vpc/README.md b/modules/gcp/vpc/README.md
deleted file mode 100644
index ab8fffb..0000000
--- a/modules/gcp/vpc/README.md
+++ /dev/null
@@ -1,38 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [google](#provider\_google) | 6.19.0 |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [google_compute_network.vpc](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_network) | resource |
-| [google_compute_subnetwork.subnets](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [environment](#input\_environment) | Environment for the VPC (e.g., dev, stg, prod) | `string` | n/a | yes |
-| [name](#input\_name) | Name of the bucket | `string` | n/a | yes |
-| [project\_id](#input\_project\_id) | Project ID for the GKE cluster | `string` | n/a | yes |
-| [region](#input\_region) | Region for the GKE cluster | `string` | n/a | yes |
-| [subnet\_cidr\_map](#input\_subnet\_cidr\_map) | n/a | `list(string)` | n/a | yes |
-| [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | CIDR for the VPC block | `string` | n/a | yes |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [subnets](#output\_subnets) | n/a |
-| [vpc\_id](#output\_vpc\_id) | n/a |
diff --git a/modules/gcp/vpc/main.tf b/modules/gcp/vpc/main.tf
deleted file mode 100644
index f141e2f..0000000
--- a/modules/gcp/vpc/main.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-resource "google_compute_network" "vpc" {
- name = "${var.name}-${var.environment}"
- auto_create_subnetworks = false
-}
-
-resource "google_compute_subnetwork" "subnets" {
- for_each = { for idx, val in var.subnet_cidr_map : idx => val }
- name = "${var.name}-${var.environment}-${each.key}"
- ip_cidr_range = each.value
- network = google_compute_network.vpc.id
- region = var.region
-}
diff --git a/modules/gcp/vpc/outputs.tf b/modules/gcp/vpc/outputs.tf
deleted file mode 100644
index 893ff07..0000000
--- a/modules/gcp/vpc/outputs.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-output "vpc_id" {
- value = google_compute_network.vpc.id
-}
-
-output "subnets" {
- value = {
- for key, subnet in google_compute_subnetwork.subnets :
- key => subnet.self_link
- }
-}
\ No newline at end of file
diff --git a/modules/gcp/vpc/variables.tf b/modules/gcp/vpc/variables.tf
deleted file mode 100644
index 7def55e..0000000
--- a/modules/gcp/vpc/variables.tf
+++ /dev/null
@@ -1,28 +0,0 @@
-variable "project_id" {
- type = string
- description = "Project ID for the GKE cluster"
-}
-
-variable "region" {
- type = string
- description = "Region for the GKE cluster"
-}
-
-variable "name" {
- description = "Name of the bucket"
- type = string
-}
-
-variable "vpc_cidr_block" {
- type = string
- description = "CIDR for the VPC block"
-}
-
-variable "subnet_cidr_map" {
- type = list(string)
-}
-
-variable "environment" {
- description = "Environment for the VPC (e.g., dev, stg, prod)"
- type = string
-}
diff --git a/modules/kubernetes/README.md b/modules/kubernetes/README.md
deleted file mode 100644
index 5ca9045..0000000
--- a/modules/kubernetes/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/kubernetes/helm/aws-alb-controller/.terraform.lock.hcl b/modules/kubernetes/helm/aws-alb-controller/.terraform.lock.hcl deleted file mode 100644 index 7a8e2b0..0000000 --- a/modules/kubernetes/helm/aws-alb-controller/.terraform.lock.hcl +++ /dev/null 
@@ -1,63 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "6.0.0" - constraints = ">= 4.0.0" - hashes = [ - "h1:dbRRZ1NzH1QV/+83xT/X3MLYaZobMXt8DNwbqnJojpo=", - "zh:16b1bb786719b7ebcddba3ab751b976ebf4006f7144afeebcb83f0c5f41f8eb9", - "zh:1fbc08b817b9eaf45a2b72ccba59f4ea19e7fcf017be29f5a9552b623eccc5bc", - "zh:304f58f3333dbe846cfbdfc2227e6ed77041ceea33b6183972f3f8ab51bd065f", - "zh:4cd447b5c24f14553bd6e1a0e4fea3c7d7b218cbb2316a3d93f1c5cb562c181b", - "zh:589472b56be8277558616075fc5480fcd812ba6dc70e8979375fc6d8750f83ef", - "zh:5d78484ba43c26f1ef6067c4150550b06fd39c5d4bfb790f92c4a6f7d9d0201b", - "zh:5f470ce664bffb22ace736643d2abe7ad45858022b652143bcd02d71d38d4e42", - "zh:7a9cbb947aaab8c885096bce5da22838ca482196cf7d04ffb8bdf7fd28003e47", - "zh:854df3e4c50675e727705a0eaa4f8d42ccd7df6a5efa2456f0205a9901ace019", - "zh:87162c0f47b1260f5969679dccb246cb528f27f01229d02fd30a8e2f9869ba2c", - "zh:9a145404d506b52078cd7060e6cbb83f8fc7953f3f63a5e7137d41f69d6317a3", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a4eab2649f5afe06cc406ce2aaf9fd44dcf311123f48d344c255e93454c08921", - "zh:bea09141c6186a3e133413ae3a2e3d1aaf4f43466a6a468827287527edf21710", - "zh:d7ea2a35ff55ddfe639ab3b04331556b772a8698eca01f5d74151615d9f336db", - ] -} - -provider "registry.terraform.io/hashicorp/helm" { - version = "3.0.2" - hashes = [ - "h1:tOye2RnjFNXH236AsqGaIWtz4j6PZrpPuJhOSBt0KxU=", - "zh:2778de76c7dfb2e85c75fe6de3c11172a25551ed499bfb9e9f940a5be81167b0", - "zh:3b4c436a41e4fbae5f152852a9bd5c97db4460af384e26977477a40adf036690", - "zh:617a372f5bb2288f3faf5fd4c878a68bf08541cf418a3dbb8a19bc41ad4a0bf2", - "zh:84de431479548c96cb61c495278e320f361e80ab4f8835a5425ece24a9b6d310", - "zh:8b4cf5f81d10214e5e1857d96cff60a382a22b9caded7f5d7a92e5537fc166c1", - "zh:baeb26a00ffbcf3d507cdd940b2a2887eee723af5d3319a53eec69048d5e341e", - 
"zh:ca05a8814e9bf5fbffcd642df3a8d9fae9549776c7057ceae6d6f56471bae80f", - "zh:ca4bf3f94dedb5c5b1a73568f2dad7daf0ef3f85e688bc8bc2d0e915ec148366", - "zh:d331f2129fd3165c4bda875c84a65555b22eb007801522b9e017d065ac69b67e", - "zh:e583b2b478dde67da28e605ab4ef6521c2e390299b471d7d8ef05a0b608dcdad", - "zh:f238b86611647c108c073d265f8891a2738d3158c247468ae0ff5b1a3ac4122a", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} - -provider "registry.terraform.io/hashicorp/kubernetes" { - version = "2.37.1" - hashes = [ - "h1:+37jC6JlkPyPvDHudK3qaj7ZVJ0Zy9zc9+oq8h1WayA=", - "zh:0ed097413c7fc804479e325966886b405dc0b75ad2b4f54ce4df1d8e4802b397", - "zh:17dcf4a685a00d2d048671124e8a1a8e836b58ecd2ef628a1c666fe0ced2e598", - "zh:36891284e5bced57c438f12d0b27856b0d4b70b562bd200b01919a6a89545be9", - "zh:3e49d86b508e641ba122d1b0af24cdc4d8ffa2ec1b30022436fb1d7c6ba696ea", - "zh:40be623e116708bdcb0fac32989db43720f031c5fe9a4dc63395078185d24403", - "zh:44fc0ac3bc39e289b67f9dde7ee9fef29eb8192197e5e68fee69098573021722", - "zh:957aa451573bcde5d57f6f8338ea3139010c7f61fefe8f6a140a8c267f056511", - "zh:c55fd85b7e8acaac17e30670ac3574b88b3530820dd004bcd2a5daa8624a46e9", - "zh:c743f06843a1f5ecde2b8ef639f4d3db654a334ef248dee57261c719ea843f3a", - "zh:c93cc71c64b838d89522ac5fb60f68e0e1e7f2fc39db6b0ead7afd78795e79ed", - "zh:eda1163c2266905adc54bc78cc3e7b606a164fbc6b59be607db933b302015ccd", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/kubernetes/helm/aws-alb-controller/README.md b/modules/kubernetes/helm/aws-alb-controller/README.md deleted file mode 100644 index bb48138..0000000 --- a/modules/kubernetes/helm/aws-alb-controller/README.md +++ /dev/null 
@@ -1,38 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | 5.87.0 |
-| [helm](#provider\_helm) | 2.17.0 |
-| [kubernetes](#provider\_kubernetes) | 2.35.1 |
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| [lb\_role](#module\_lb\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | n/a |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [helm_release.lb](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [kubernetes_service_account.service-account](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource |
-| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [cluster\_name](#input\_cluster\_name) | EKS Cluster Name | `string` | n/a | yes |
-| [oidc\_provider\_arn](#input\_oidc\_provider\_arn) | OIDC Provider ARN used for IRSA | `string` | n/a | yes |
-| [suffix](#input\_suffix) | A suffix for the bucket name | `string` | n/a | yes |
-| [vpc\_id](#input\_vpc\_id) | VPC ID which Load balancers will be deployed in | `string` | n/a | yes |
-
-## Outputs
-
-No outputs.
diff --git a/modules/kubernetes/helm/aws-alb-controller/backend.tf b/modules/kubernetes/helm/aws-alb-controller/backend.tf
deleted file mode 100644
index 6498a39..0000000
--- a/modules/kubernetes/helm/aws-alb-controller/backend.tf
+++ /dev/null
@@ -1,13 +0,0 @@
-terraform {
- required_providers {
- helm = {
- source = "hashicorp/helm"
- }
- aws = {
- source = "hashicorp/aws"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- }
- }
-}
diff --git a/modules/kubernetes/helm/aws-alb-controller/main.tf b/modules/kubernetes/helm/aws-alb-controller/main.tf
deleted file mode 100644
index c7eda06..0000000
--- a/modules/kubernetes/helm/aws-alb-controller/main.tf
+++ /dev/null
@@ -1,66 +0,0 @@
-data "aws_region" "current" {
-}
-
-module "lb_role" {
- source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
- version = "~> 5.60"
- role_name = "${var.cluster_name}_eks_lb_${var.suffix}"
- attach_load_balancer_controller_policy = true
- oidc_providers = {
- main = {
- provider_arn = var.oidc_provider_arn
- namespace_service_accounts = ["kube-system:aws-load-balancer-controller"]
- }
- }
- role_permissions_boundary_arn = var.iam_role_permissions_boundary
-}
-
-resource "kubernetes_service_account" "service-account" {
- metadata {
- name = "aws-load-balancer-controller"
- namespace = "kube-system"
- labels = {
- "app.kubernetes.io/name" = "aws-load-balancer-controller"
- "app.kubernetes.io/component" = "controller"
- }
- annotations = {
- "eks.amazonaws.com/role-arn" = module.lb_role.iam_role_arn
- "eks.amazonaws.com/sts-regional-endpoints" = "true"
- }
- }
-}
-
-resource "helm_release" "lb" {
- name = "aws-load-balancer-controller"
- repository = "https://aws.github.io/eks-charts"
- chart = "aws-load-balancer-controller"
- namespace = "kube-system"
- depends_on = [
- kubernetes_service_account.service-account
- ]
- set {
- name = "region"
- value = data.aws_region.current.name
- }
- set {
- name = "vpcId"
- value = var.vpc_id
- }
- set {
- name = "image.repository"
- value = "602401143452.dkr.ecr.${data.aws_region.current.name}.amazonaws.com/amazon/aws-load-balancer-controller"
- }
- set {
- name = "serviceAccount.create"
- value = "false"
- }
- set {
- name = "serviceAccount.name"
- value = "aws-load-balancer-controller"
- }
- set {
- name = "clusterName"
- value = var.cluster_name
- }
-}
-
diff --git a/modules/kubernetes/helm/aws-alb-controller/variables.tf b/modules/kubernetes/helm/aws-alb-controller/variables.tf
deleted file mode 100644
index 35459ba..0000000
--- a/modules/kubernetes/helm/aws-alb-controller/variables.tf
+++ /dev/null
@@ -1,25 +0,0 @@
-variable "cluster_name" {
- description = "EKS Cluster Name"
- type = string
-}
-
-variable "vpc_id" {
- description = "VPC ID which Load balancers will be deployed in"
- type = string
-}
-
-variable "oidc_provider_arn" {
- description = "OIDC Provider ARN used for IRSA"
- type = string
-}
-
-variable "suffix" {
- type = string
- description = "A suffix for the bucket name"
-}
-
-variable "iam_role_permissions_boundary" {
- description = "ARN of the policy that is used to set the permissions boundary for the IAM role"
- type = string
- default = null
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/cert-manager/README.md b/modules/kubernetes/helm/cert-manager/README.md
deleted file mode 100644
index d3e35a0..0000000
--- a/modules/kubernetes/helm/cert-manager/README.md
+++ /dev/null
@@ -1,31 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [helm](#provider\_helm) | n/a |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [helm_release.cert-manager](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [helm_release.cert-manager-config](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [domain\_name](#input\_domain\_name) | The hosted zone domain name. | `string` | n/a | yes |
-| [values\_yaml](#input\_values\_yaml) | values.yaml for Nullplatform helm chart | `string` | n/a | yes |
-
-## Outputs
-
-No outputs.
diff --git a/modules/kubernetes/helm/cert-manager/backend.tf b/modules/kubernetes/helm/cert-manager/backend.tf
deleted file mode 100644
index 665c434..0000000
--- a/modules/kubernetes/helm/cert-manager/backend.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-terraform {
- required_providers {
- helm = {
- source = "hashicorp/helm"
- }
- }
-}
diff --git a/modules/kubernetes/helm/cert-manager/gcp/README.md b/modules/kubernetes/helm/cert-manager/gcp/README.md
deleted file mode 100644
index efcecd9..0000000
--- a/modules/kubernetes/helm/cert-manager/gcp/README.md
+++ /dev/null
@@ -1,29 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| [cert-manager](#module\_cert-manager) | ./.. | n/a |
-
-## Resources
-
-No resources.
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [domain\_name](#input\_domain\_name) | The hosted zone domain name. | `string` | n/a | yes |
-| [project\_id](#input\_project\_id) | The gcp project id | `string` | n/a | yes |
-| [service\_account\_key](#input\_service\_account\_key) | Base 64 service account key | `string` | n/a | yes |
-
-## Outputs
-
-No outputs.
diff --git a/modules/kubernetes/helm/cert-manager/gcp/main.tf b/modules/kubernetes/helm/cert-manager/gcp/main.tf
deleted file mode 100644
index 61cf740..0000000
--- a/modules/kubernetes/helm/cert-manager/gcp/main.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-module "cert-manager" {
- source = "./.."
- domain_name = var.domain_name
- values_yaml = templatefile("${path.module}/template/values.yaml", {
- domain_name = var.domain_name,
- project_id = var.project_id,
- service_account_key = var.service_account_key
- })
-}
diff --git a/modules/kubernetes/helm/cert-manager/gcp/template/README.md b/modules/kubernetes/helm/cert-manager/gcp/template/README.md
deleted file mode 100644
index 5ca9045..0000000
--- a/modules/kubernetes/helm/cert-manager/gcp/template/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/kubernetes/helm/cert-manager/gcp/template/values.yaml b/modules/kubernetes/helm/cert-manager/gcp/template/values.yaml
deleted file mode 100644
index bc77f5c..0000000
--- a/modules/kubernetes/helm/cert-manager/gcp/template/values.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-hostedZoneName: "${domain_name}"
-gcp:
- enabled: true
- projectId: ${project_id}
- serviceAccountKey: |
- ${indent(4, service_account_key)}
-azure:
- enabled: false
diff --git a/modules/kubernetes/helm/cert-manager/gcp/variables.tf b/modules/kubernetes/helm/cert-manager/gcp/variables.tf
deleted file mode 100644
index 5204ac7..0000000
--- a/modules/kubernetes/helm/cert-manager/gcp/variables.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-variable "project_id" {
- description = "The gcp project id"
- type = string
-}
-
-variable "service_account_key" {
- description = "Base 64 service account key"
- type = string
-}
-
-variable "domain_name" {
- description = "The hosted zone domain name."
- type = string
-}
diff --git a/modules/kubernetes/helm/cert-manager/main.tf b/modules/kubernetes/helm/cert-manager/main.tf
deleted file mode 100644
index 1b9b09d..0000000
--- a/modules/kubernetes/helm/cert-manager/main.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-locals {
- name = "cert-manager"
- namespace = "cert-manager"
-}
-
-resource "helm_release" "cert-manager" {
- name = local.name
-
- repository = "https://charts.jetstack.io"
- chart = local.name
- create_namespace = true
- namespace = local.namespace
-
- set {
- name = "crds.enabled"
- value = "true"
- }
-}
-
-# This might fail if we do not install nullplatform base chart, if so, reexecuting terraform after manual step might solve the issue
-resource "helm_release" "cert-manager-config" {
- name = "${local.name}-config"
-
- repository = "https://nullplatform.github.io/helm-charts"
- chart = "nullplatform-${local.name}-config"
- create_namespace = true
- namespace = local.namespace
-
- values = [
- var.values_yaml
- ]
-}
diff --git a/modules/kubernetes/helm/cert-manager/variables.tf b/modules/kubernetes/helm/cert-manager/variables.tf
deleted file mode 100644
index 0514177..0000000
--- a/modules/kubernetes/helm/cert-manager/variables.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-variable "values_yaml" {
- type = string
- description = "values.yaml for Nullplatform helm chart"
-}
-
-variable "domain_name" {
- description = "The hosted zone domain name."
- type = string
-}
diff --git a/modules/kubernetes/helm/istio/README.md b/modules/kubernetes/helm/istio/README.md
deleted file mode 100644
index ec130c8..0000000
--- a/modules/kubernetes/helm/istio/README.md
+++ /dev/null
@@ -1,29 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [helm](#provider\_helm) | n/a |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [helm_release.istio_base](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [helm_release.istio_ingressgateway](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [helm_release.istiod](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/kubernetes/helm/istio/backend.tf b/modules/kubernetes/helm/istio/backend.tf
deleted file mode 100644
index 665c434..0000000
--- a/modules/kubernetes/helm/istio/backend.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-terraform {
- required_providers {
- helm = {
- source = "hashicorp/helm"
- }
- }
-}
diff --git a/modules/kubernetes/helm/nullplatform/agent/.terraform.lock.hcl b/modules/kubernetes/helm/nullplatform/agent/.terraform.lock.hcl
deleted file mode 100644
index 2002b58..0000000
--- a/modules/kubernetes/helm/nullplatform/agent/.terraform.lock.hcl
+++ /dev/null
@@ -1,71 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.99.1" - hashes = [ - "h1:0jNckFqimGrHhRB88880ovIpmoE20xhjRb94GBdgjwo=", - "zh:13a07422f776dd97214dfa89d6a88340b99613cbb869013c756c1a68fd8cdd9d", - "zh:1841d422278afa25d42a8d3ea9197ad08cf092769bd2aa89056d25d4c2629df8", - "zh:269016c7ba09d76e42fbcf15de28f2de0595ff9a7304a0500011a4493d7a1551", - "zh:2b842c3d0f30e048c05a37752b9c07d316656f3caf79841d08a4f1b057555eb2", - "zh:6559eedc095f70a51460dc702613a9033734ba536c1de1ed86a735a3c8131e40", - "zh:6d43b2676630344db3a7d6ba8330d20993492168f124e19e040a0aa914ec832e", - "zh:7f5d5cb0c1a492080b668f456de50f5b91fc67018c05f12483added3faf703f6", - "zh:c3bb8094bf26565150229f1ca6014d41d1283b8a2b06a15b45cd5a6b4ce82e28", - "zh:e45bc994d0c6e1c0a0b70e8378f2f933e924f05c91061ed2a97ceaf282e08a25", - "zh:ee725d6fbc1dbaa5017e9eab6fa0aa7e107a4ed73a4a8e2acab6b5d3d54cd0e4", - ] -} - -provider "registry.opentofu.org/hashicorp/helm" { - version = "2.17.0" - hashes = [ - "h1:ShIag7wqd5Rs+zYpVMpjAh+T0ozr4XGYfSTKWqceQBY=", - "zh:02690815e35131a42cb9851f63a3369c216af30ad093d05b39001d43da04b56b", - "zh:27a62f12b29926387f4d71aeeee9f7ffa0ccb81a1b6066ee895716ad050d1b7a", - "zh:2d0a5babfa73604b3fefc9dab9c87f91c77fce756c2e32b294e9f1290aed26c0", - "zh:3976400ceba6dda4636e1d297e3097e1831de5628afa534a166de98a70d1dcbe", - "zh:54440ef14f342b41d75c1aded7487bfcc3f76322b75894235b47b7e89ac4bfa4", - "zh:6512e2ab9f2fa31cbb90d9249647b5c5798f62eb1215ec44da2cdaa24e38ad25", - "zh:795f327ca0b8c5368af0ed03d5d4f6da7260692b4b3ca0bd004ed542e683464d", - "zh:ba659e1d94f224bc3f1fd34cbb9d2663e3a8e734108e5a58eb49eda84b140978", - "zh:c5c8575c4458835c2acbc3d1ed5570589b14baa2525d8fbd04295c097caf41eb", - "zh:e0877a5dac3de138e61eefa26b2f5a13305a17259779465899880f70e11314e0", - ] -} - -provider "registry.opentofu.org/hashicorp/kubernetes" { - version = "2.37.1" - constraints = "~> 2.23" - hashes = [ - 
"h1:UWJPvQZxW9Q6mxtUvIdnapPE8s8o4a2HUo53OInq9p4=", - "zh:22031e9995b3dc7ae497305dc6c5b7bf1a585c378d46446e724601f992cd9e11", - "zh:3614bc188ae5040d892671009c66f56cfcb3859e11f42ed7ffc1cee384b1275b", - "zh:5d925944ac961bbe5fb4917a3e7e6d9bc0bef2f3198f26e8d4cd1793d5eadde3", - "zh:67a86d1576eb67a58cc68f47bffd370b2f834fd909980acdab38a9b9b2c1c809", - "zh:90c34fe321f937b34392bdc6ee1f9fa42db1c5ff93341c58a96a8a0c1f18327f", - "zh:943b0fb6db1ce3b64e177f74ae7931f485ef47713df861f0e98d6838e75087ff", - "zh:9c6f0164bf64b0d7baac29bc74aa0879956cec6dc28a7f52b2582c9deffb8c21", - "zh:b1d555c2977a2d7c689f88b9f4b8db24c104692b9233191719d1b10ca724f159", - "zh:c4d2ce2148a55d7d7dc5986f02119cc71ccb86ec1e96773f4c9430fd2944fda4", - ] -} - -provider "registry.opentofu.org/hashicorp/null" { - version = "3.2.4" - constraints = "~> 3.2" - hashes = [ - "h1:i+WKhUHL2REY5EGmiHjfUljJB8UKZ9QdhdM5uTeUhC4=", - "zh:1769783386610bed8bb1e861a119fe25058be41895e3996d9216dd6bb8a7aee3", - "zh:32c62a9387ad0b861b5262b41c5e9ed6e940eda729c2a0e58100e6629af27ddb", - "zh:339bf8c2f9733fce068eb6d5612701144c752425cebeafab36563a16be460fb2", - "zh:36731f23343aee12a7e078067a98644c0126714c4fe9ac930eecb0f2361788c4", - "zh:3d106c7e32a929e2843f732625a582e562ff09120021e510a51a6f5d01175b8d", - "zh:74bcb3567708171ad83b234b92c9d63ab441ef882b770b0210c2b14fdbe3b1b6", - "zh:90b55bdbffa35df9204282251059e62c178b0ac7035958b93a647839643c0072", - "zh:ae24c0e5adc692b8f94cb23a000f91a316070fdc19418578dcf2134ff57cf447", - "zh:b5c10d4ad860c4c21273203d1de6d2f0286845edf1c64319fa2362df526b5f58", - "zh:e05bbd88e82e1d6234988c85db62fd66f11502645838fff594a2ec25352ecd80", - ] -} diff --git a/modules/kubernetes/helm/nullplatform/agent/README.md b/modules/kubernetes/helm/nullplatform/agent/README.md deleted file mode 100644 index 6984078..0000000 --- a/modules/kubernetes/helm/nullplatform/agent/README.md +++ /dev/null 
@@ -1,55 +0,0 @@ -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | ~> 5.0 | -| [helm](#requirement\_helm) | ~> 2.11 | -| [kubernetes](#requirement\_kubernetes) | ~> 2.23 | -| [null](#requirement\_null) | ~> 3.2 | - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.99.1 | -| [helm](#provider\_helm) | 2.17.0 | - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [trusting\_oidc](#module\_trusting\_oidc) | ../../../../aws/data/iam/eks/trusting | n/a | - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_policy.irsa_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.load_balancer_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_policy.route53_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_role.role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy_attachment.agent_irsa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.agent_load_balancer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.agent_route53](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [helm_release.agent](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| 
[aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cloud\_name](#input\_cloud\_name) | The provider cloud where the agent is deployed | `string` | n/a | yes | -| [cluster\_name](#input\_cluster\_name) | Name of the EKS cluster | `string` | n/a | yes | -| [github\_repo](#input\_github\_repo) | GitHub repository | `string` | n/a | yes | -| [github\_token](#input\_github\_token) | GitHub token | `string` | n/a | yes | -| [github\_user](#input\_github\_user) | GitHub user | `string` | n/a | yes | -| [namespace](#input\_namespace) | Kubernetes namespace for the agent | `string` | `"nullplatform-tools"` | no | -| [np\_api\_key](#input\_np\_api\_key) | Nullplatform api key for the agent to communicate | `string` | n/a | yes | -| [service\_account\_name](#input\_service\_account\_name) | Name of the service account | `string` | `"nullplatform-agent"` | no | -| [tags](#input\_tags) | Agent tag, the identity of the agent | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/kubernetes/helm/nullplatform/agent/data.tf b/modules/kubernetes/helm/nullplatform/agent/data.tf deleted file mode 100644 index e81057a..0000000 --- a/modules/kubernetes/helm/nullplatform/agent/data.tf +++ /dev/null @@ -1,13 +0,0 @@ -data "aws_eks_cluster" "cluster" { - name = var.cluster_name -} - -data "aws_caller_identity" "current" {} - -module "trusting_oidc" { - source = "../../../../aws/data/iam/eks/trusting" - - cluster_name = var.cluster_name - namespace = var.namespace - service_account_name = var.service_account_name -} \ No newline at end of file diff --git a/modules/kubernetes/helm/nullplatform/agent/iam.tf b/modules/kubernetes/helm/nullplatform/agent/iam.tf deleted file mode 100644 index 9831b89..0000000 
--- a/modules/kubernetes/helm/nullplatform/agent/iam.tf
+++ /dev/null
@@ -1,111 +0,0 @@
-resource "aws_iam_role" "role" {
- name = "nullplatform-agent-role-${var.cluster_name}"
-
- assume_role_policy = jsonencode(module.trusting_oidc.trusting)
- permissions_boundary = var.iam_role_permissions_boundary
-
-}
-
-# Route 53 Policy
-resource "aws_iam_policy" "route53_policy" {
- name = "${var.cluster_name}-agent-route53-policy"
- description = "Policy for Route 53 management"
-
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Action = [
- "route53:ChangeResourceRecordSets",
- "route53:GetChange",
- "route53:GetHostedZone",
- "route53:ListHostedZones",
- "route53:ListHostedZonesByName",
- "route53:ListResourceRecordSets"
- ]
- Resource = "*"
- }
- ]
- })
-}
-
-# Load Balancer Controller Policy
-resource "aws_iam_policy" "load_balancer_policy" {
- name = "${var.cluster_name}-agent-load-balancer-policy"
- description = "Policy for Load Balancer management"
-
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Action = [
- "elasticloadbalancing:DescribeLoadBalancers",
- "elasticloadbalancing:DescribeTargetGroups",
- "elasticloadbalancing:DescribeTargetHealth",
- "elasticloadbalancing:DescribeListeners",
- "elasticloadbalancing:DescribeRules"
- ]
- Resource = "*"
- }
- ]
- })
-}
-
-resource "aws_iam_policy" "irsa_policy" {
- name = "irsa_policy"
- description = "IAM policy for managing IAM roles and EKS cluster description"
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Action = [
- "iam:CreateRole",
- "iam:PutRolePolicy",
- "iam:AttachRolePolicy",
- "iam:ListAttachedRolePolicies",
- "iam:DetachRolePolicy",
- "iam:ListRolePolicies",
- "iam:DeleteRolePolicy",
- "iam:DeleteRole",
- "iam:TagRole",
- "iam:PutRolePermissionsBoundary"
- ]
- Resource = "*"
- },
- {
- Effect = "Allow"
- Action = [
- "sts:GetCallerIdentity"
- ]
- Resource = "*"
- },
- {
- Effect = "Allow"
- Action = [
- "eks:DescribeCluster"
- ]
- Resource = "*"
- }
- ]
- })
-}
-
-# Attach policies to the role
-resource "aws_iam_role_policy_attachment" "agent_route53" {
- policy_arn = aws_iam_policy.route53_policy.arn
- role = aws_iam_role.role.name
-}
-
-resource "aws_iam_role_policy_attachment" "agent_load_balancer" {
- policy_arn = aws_iam_policy.load_balancer_policy.arn
- role = aws_iam_role.role.name
-}
-
-
-resource "aws_iam_role_policy_attachment" "agent_irsa" {
- policy_arn = aws_iam_policy.irsa_policy.arn
- role = aws_iam_role.role.name
-}
diff --git a/modules/kubernetes/helm/nullplatform/agent/locals.tf b/modules/kubernetes/helm/nullplatform/agent/locals.tf
deleted file mode 100644
index 38a82a8..0000000
--- a/modules/kubernetes/helm/nullplatform/agent/locals.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-locals {
- oidc_issuer_url = replace(data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer, "https://", "")
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/nullplatform/agent/main.tf b/modules/kubernetes/helm/nullplatform/agent/main.tf
deleted file mode 100644
index 5e4b985..0000000
--- a/modules/kubernetes/helm/nullplatform/agent/main.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-locals {
- agent_values = templatefile("${path.module}/templates/values-${var.cloud_name}.tmpl.yaml", {
- agent_repos = var.agent_repos
- cluster_name = var.cluster_name
- namespace = var.namespace
- service_account_name = var.service_account_name
- tags = var.tags
- np_api_key = var.np_api_key
- resource_identity = aws_iam_role.role.arn
- init_scripts = var.init_scripts
- vault_token = var.vault_token
- vault_url = var.vault_url
- })
-}
-# Helm release
-resource "helm_release" "agent" {
- name = "nullplatform-agent"
- chart = "nullplatform-agent"
- repository = "https://nullplatform.github.io/helm-charts"
- namespace = var.namespace
- create_namespace = true
-
- force_update = true
-
- values = [local.agent_values]
-
- depends_on = [
- aws_iam_role.role,
- aws_iam_role_policy_attachment.agent_route53,
- aws_iam_role_policy_attachment.agent_load_balancer
- ]
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/nullplatform/agent/providers.tf b/modules/kubernetes/helm/nullplatform/agent/providers.tf
deleted file mode 100644
index 1d7b161..0000000
--- a/modules/kubernetes/helm/nullplatform/agent/providers.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-# Provider configuration
-terraform {
- required_version = ">= 1.0"
-
- required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "~> 5.0"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = "~> 2.23"
- }
- helm = {
- source = "hashicorp/helm"
- version = "~> 2.11"
- }
- null = {
- source = "hashicorp/null"
- version = "~> 3.2"
- }
- }
-}
-
-# Configure providers
-# provider "aws" {
-# }
-#
-# provider "kubernetes" {
-# host = data.aws_eks_cluster.cluster.endpoint
-# cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-#
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", var.cluster_name]
-# }
-# }
-#
-# provider "helm" {
-# kubernetes {
-# host = data.aws_eks_cluster.cluster.endpoint
-# cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-#
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", var.cluster_name]
-# }
-# }
-# }
diff --git a/modules/kubernetes/helm/nullplatform/agent/variables.tf b/modules/kubernetes/helm/nullplatform/agent/variables.tf
deleted file mode 100644
index 7d99dd6..0000000
--- a/modules/kubernetes/helm/nullplatform/agent/variables.tf
+++ /dev/null
@@ -1,63 +0,0 @@
-variable "cluster_name" {
- description = "Name of the EKS cluster"
- type = string
-}
-
-variable "namespace" {
- description = "Kubernetes namespace for the agent"
- type = string
- default = "nullplatform-tools"
-}
-
-variable "service_account_name" {
- description = "Name of the service account"
- type = string
- default = "nullplatform-agent"
-}
-
-variable "tags" {
- description = "Agent tag, the identity of the agent"
- type = string
-}
-
-variable "agent_repos" {
- description = "GitHub repository to download"
- type = string
-}
-
-variable "np_api_key" {
- description = "Nullplatform api key for the agent to communicate"
- type = string
- sensitive = true
-}
-
-variable "cloud_name" {
- description = "The provider cloud where the agent is deployed"
- type = string
- validation {
- condition = contains(["aws", "gcp", "azure"], var.cloud_name)
- error_message = "The provider cloud must be one of: aws, gcp, or azure."
- }
-}
-
-variable "init_scripts" {
- description = "List of shell commands to be executed before the container starts."
- type = list(string)
- default = []
-}
-
-variable "iam_role_permissions_boundary" {
- description = "ARN of the policy that is used to set the permissions boundary for the IAM role"
- type = string
- default = null
-}
-
-variable "vault_token" {
- type = string
- description = "Authentication token for Vault server access"
-}
-
-variable "vault_url" {
- type = string
- description = "URL endpoint for the Vault server"
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/README.md b/modules/kubernetes/helm/nullplatform/logs-controller/README.md
deleted file mode 100644
index 027cd1e..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/README.md
+++ /dev/null
@@ -1,29 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [helm](#provider\_helm) | n/a | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [helm_release.config_helm](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [values\_yaml](#input\_values\_yaml) | values.yaml for Nullplatform helm chart | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/aws/README.md b/modules/kubernetes/helm/nullplatform/logs-controller/aws/README.md deleted file mode 100644 index 8560ac5..0000000 --- a/modules/kubernetes/helm/nullplatform/logs-controller/aws/README.md +++ /dev/null @@ -1,32 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [nullplatform](#module\_nullplatform) | ./.. | n/a | - -## Resources - -| Name | Type | -|------|------| -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cloudwatch\_enabled](#input\_cloudwatch\_enabled) | Enable Cloudwatch logging | `bool` | `true` | no | -| [tls\_secret\_name](#input\_tls\_secret\_name) | Secret name for TLS | `string` | `"www-tls"` | no | - -## Outputs - -No outputs. diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/aws/backend.tf b/modules/kubernetes/helm/nullplatform/logs-controller/aws/backend.tf deleted file mode 100644 index 23cb0af..0000000 --- a/modules/kubernetes/helm/nullplatform/logs-controller/aws/backend.tf +++ /dev/null 
@@ -1,10 +0,0 @@
-terraform {
- required_providers {
- aws = {
- source = "hashicorp/aws"
- }
- helm = {
- source = "hashicorp/helm"
- }
- }
-}
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/aws/data.tf b/modules/kubernetes/helm/nullplatform/logs-controller/aws/data.tf
deleted file mode 100644
index f446d01..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/aws/data.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-data "aws_region" "current" {
- provider = aws
-}
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/aws/main.tf b/modules/kubernetes/helm/nullplatform/logs-controller/aws/main.tf
deleted file mode 100644
index 93a0a2e..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/aws/main.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-module "nullplatform" {
- source = "./.."
-
- values_yaml = templatefile("${path.module}/template/values.yaml", {
- region = data.aws_region.current.name,
- tls_secret_name = var.tls_secret_name
- cloudwatch_enabled = var.cloudwatch_enabled
- })
-}
-
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/aws/template/values.yaml b/modules/kubernetes/helm/nullplatform/logs-controller/aws/template/values.yaml
deleted file mode 100644
index 87abf53..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/aws/template/values.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-global:
- provider: eks
- awsRegion: ${region}
-tls:
- secretName: ${tls_secret_name}
-cloudwatch:
- enabled: ${cloudwatch_enabled}
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/aws/variables.tf b/modules/kubernetes/helm/nullplatform/logs-controller/aws/variables.tf
deleted file mode 100644
index 72778b0..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/aws/variables.tf
+++ /dev/null
@@ -1,11 +0,0 @@ -variable "cloudwatch_enabled" { - type = bool - description = "Enable Cloudwatch logging" - default = true -} - -variable "tls_secret_name" { - type = string - description = "Secret name for TLS" - default = "www-tls" -} diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/backend.tf b/modules/kubernetes/helm/nullplatform/logs-controller/backend.tf deleted file mode 100644 index 665c434..0000000 --- a/modules/kubernetes/helm/nullplatform/logs-controller/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - helm = { - source = "hashicorp/helm" - } - } -} diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/README.md b/modules/kubernetes/helm/nullplatform/logs-controller/gcp/README.md deleted file mode 100644 index cfd55aa..0000000 --- a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/README.md +++ /dev/null @@ -1,28 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -No providers. - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [nullplatform](#module\_nullplatform) | ./.. | n/a | - -## Resources - -No resources. - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [registry](#input\_registry) | GCP Registry to pull images from | `string` | n/a | yes | -| [service\_account\_key\_base64](#input\_service\_account\_key\_base64) | Base 64 service account key | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/backend.tf b/modules/kubernetes/helm/nullplatform/logs-controller/gcp/backend.tf deleted file mode 100644 index 665c434..0000000 --- a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - helm = { - source = "hashicorp/helm" - } - } -} 
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/main.tf b/modules/kubernetes/helm/nullplatform/logs-controller/gcp/main.tf
deleted file mode 100644
index 7889d70..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/main.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-module "nullplatform" {
- source = "../.."
-
- values_yaml = templatefile("${path.module}/template/values.yaml", {
- registry = var.registry,
- password = var.service_account_key_base64
- })
-}
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/template/values.yaml b/modules/kubernetes/helm/nullplatform/logs-controller/gcp/template/values.yaml
deleted file mode 100644
index e96bcd6..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/template/values.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-global:
- provider: gke
-imagePullSecrets:
- enabled: true
- registry: ${registry}
- username: _json_key_base64
- password: ${password}
-logging:
- enabled: false
-metricsServer:
- enabled: false
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/variables.tf b/modules/kubernetes/helm/nullplatform/logs-controller/gcp/variables.tf
deleted file mode 100644
index b470fef..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/gcp/variables.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-variable "service_account_key_base64" {
- description = "Base 64 service account key"
- type = string
-}
-
-variable "registry" {
- type = string
- description = "GCP Registry to pull images from"
-}
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/main.tf b/modules/kubernetes/helm/nullplatform/logs-controller/main.tf
deleted file mode 100644
index 1cb9866..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/main.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-resource "helm_release" "config_helm" {
- name = "nullplatform-base"
- provider = helm
- repository = "https://nullplatform.github.io/helm-charts"
- chart = "nullplatform-base"
- namespace = "default"
- disable_openapi_validation = true
-
- values = [
- var.values_yaml
- ]
-}
diff --git a/modules/kubernetes/helm/nullplatform/logs-controller/variables.tf b/modules/kubernetes/helm/nullplatform/logs-controller/variables.tf
deleted file mode 100644
index dd54a0f..0000000
--- a/modules/kubernetes/helm/nullplatform/logs-controller/variables.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-variable "values_yaml" {
- type = string
- description = "values.yaml for Nullplatform helm chart"
-}
diff --git a/modules/kubernetes/helm/prometheus/.terraform.lock.hcl b/modules/kubernetes/helm/prometheus/.terraform.lock.hcl
deleted file mode 100644
index c6ef489..0000000
--- a/modules/kubernetes/helm/prometheus/.terraform.lock.hcl
+++ /dev/null
@@ -1,71 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.99.1" - constraints = "~> 5.0" - hashes = [ - "h1:0jNckFqimGrHhRB88880ovIpmoE20xhjRb94GBdgjwo=", - "zh:13a07422f776dd97214dfa89d6a88340b99613cbb869013c756c1a68fd8cdd9d", - "zh:1841d422278afa25d42a8d3ea9197ad08cf092769bd2aa89056d25d4c2629df8", - "zh:269016c7ba09d76e42fbcf15de28f2de0595ff9a7304a0500011a4493d7a1551", - "zh:2b842c3d0f30e048c05a37752b9c07d316656f3caf79841d08a4f1b057555eb2", - "zh:6559eedc095f70a51460dc702613a9033734ba536c1de1ed86a735a3c8131e40", - "zh:6d43b2676630344db3a7d6ba8330d20993492168f124e19e040a0aa914ec832e", - "zh:7f5d5cb0c1a492080b668f456de50f5b91fc67018c05f12483added3faf703f6", - "zh:c3bb8094bf26565150229f1ca6014d41d1283b8a2b06a15b45cd5a6b4ce82e28", - "zh:e45bc994d0c6e1c0a0b70e8378f2f933e924f05c91061ed2a97ceaf282e08a25", - "zh:ee725d6fbc1dbaa5017e9eab6fa0aa7e107a4ed73a4a8e2acab6b5d3d54cd0e4", - ] -} - -provider "registry.opentofu.org/hashicorp/helm" { - version = "2.17.0" - hashes = [ - "h1:ShIag7wqd5Rs+zYpVMpjAh+T0ozr4XGYfSTKWqceQBY=", - "zh:02690815e35131a42cb9851f63a3369c216af30ad093d05b39001d43da04b56b", - "zh:27a62f12b29926387f4d71aeeee9f7ffa0ccb81a1b6066ee895716ad050d1b7a", - "zh:2d0a5babfa73604b3fefc9dab9c87f91c77fce756c2e32b294e9f1290aed26c0", - "zh:3976400ceba6dda4636e1d297e3097e1831de5628afa534a166de98a70d1dcbe", - "zh:54440ef14f342b41d75c1aded7487bfcc3f76322b75894235b47b7e89ac4bfa4", - "zh:6512e2ab9f2fa31cbb90d9249647b5c5798f62eb1215ec44da2cdaa24e38ad25", - "zh:795f327ca0b8c5368af0ed03d5d4f6da7260692b4b3ca0bd004ed542e683464d", - "zh:ba659e1d94f224bc3f1fd34cbb9d2663e3a8e734108e5a58eb49eda84b140978", - "zh:c5c8575c4458835c2acbc3d1ed5570589b14baa2525d8fbd04295c097caf41eb", - "zh:e0877a5dac3de138e61eefa26b2f5a13305a17259779465899880f70e11314e0", - ] -} - -provider "registry.opentofu.org/hashicorp/kubernetes" { - version = "2.37.1" - constraints = "~> 
2.23" - hashes = [ - "h1:UWJPvQZxW9Q6mxtUvIdnapPE8s8o4a2HUo53OInq9p4=", - "zh:22031e9995b3dc7ae497305dc6c5b7bf1a585c378d46446e724601f992cd9e11", - "zh:3614bc188ae5040d892671009c66f56cfcb3859e11f42ed7ffc1cee384b1275b", - "zh:5d925944ac961bbe5fb4917a3e7e6d9bc0bef2f3198f26e8d4cd1793d5eadde3", - "zh:67a86d1576eb67a58cc68f47bffd370b2f834fd909980acdab38a9b9b2c1c809", - "zh:90c34fe321f937b34392bdc6ee1f9fa42db1c5ff93341c58a96a8a0c1f18327f", - "zh:943b0fb6db1ce3b64e177f74ae7931f485ef47713df861f0e98d6838e75087ff", - "zh:9c6f0164bf64b0d7baac29bc74aa0879956cec6dc28a7f52b2582c9deffb8c21", - "zh:b1d555c2977a2d7c689f88b9f4b8db24c104692b9233191719d1b10ca724f159", - "zh:c4d2ce2148a55d7d7dc5986f02119cc71ccb86ec1e96773f4c9430fd2944fda4", - ] -} - -provider "registry.opentofu.org/hashicorp/null" { - version = "3.2.4" - hashes = [ - "h1:i+WKhUHL2REY5EGmiHjfUljJB8UKZ9QdhdM5uTeUhC4=", - "zh:1769783386610bed8bb1e861a119fe25058be41895e3996d9216dd6bb8a7aee3", - "zh:32c62a9387ad0b861b5262b41c5e9ed6e940eda729c2a0e58100e6629af27ddb", - "zh:339bf8c2f9733fce068eb6d5612701144c752425cebeafab36563a16be460fb2", - "zh:36731f23343aee12a7e078067a98644c0126714c4fe9ac930eecb0f2361788c4", - "zh:3d106c7e32a929e2843f732625a582e562ff09120021e510a51a6f5d01175b8d", - "zh:74bcb3567708171ad83b234b92c9d63ab441ef882b770b0210c2b14fdbe3b1b6", - "zh:90b55bdbffa35df9204282251059e62c178b0ac7035958b93a647839643c0072", - "zh:ae24c0e5adc692b8f94cb23a000f91a316070fdc19418578dcf2134ff57cf447", - "zh:b5c10d4ad860c4c21273203d1de6d2f0286845edf1c64319fa2362df526b5f58", - "zh:e05bbd88e82e1d6234988c85db62fd66f11502645838fff594a2ec25352ecd80", - ] -} diff --git a/modules/kubernetes/helm/prometheus/README.md b/modules/kubernetes/helm/prometheus/README.md deleted file mode 100644 index 61f0f23..0000000 --- a/modules/kubernetes/helm/prometheus/README.md +++ /dev/null 
@@ -1,37 +0,0 @@ -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | ~> 5.0 | -| [helm](#requirement\_helm) | ~> 2.11 | -| [kubernetes](#requirement\_kubernetes) | ~> 2.23 | -| [null](#requirement\_null) | ~> 3.2 | - -## Providers - -| Name | Version | -|------|---------| -| [helm](#provider\_helm) | 2.17.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [helm_release.prometheus](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [allowed\_cidrs](#input\_allowed\_cidrs) | List of CIDR blocks allowed to access the Prometheus load balancer | `list(string)` |
[
"0.0.0.0/0"
]
| no | -| [load\_balancer\_scheme](#input\_load\_balancer\_scheme) | Load balancer scheme - 'internet-facing' for public access or 'internal' for private access | `string` | `"internal"` | no | -| [namespace](#input\_namespace) | The namespace to deploy Prometheus into | `string` | `"prometheus"` | no | - -## Outputs - -No outputs. diff --git a/modules/kubernetes/helm/prometheus/main.tf b/modules/kubernetes/helm/prometheus/main.tf deleted file mode 100644 index 6a45df3..0000000 --- a/modules/kubernetes/helm/prometheus/main.tf +++ /dev/null @@ -1,16 +0,0 @@ -resource "helm_release" "prometheus" { - name = "prometheus" - repository = "https://prometheus-community.github.io/helm-charts" - chart = "prometheus" - namespace = var.namespace - create_namespace = true - - values = [ - templatefile("${path.module}/values.yaml.tmpl", { - namespace = var.namespace - load_balancer_scheme = var.load_balancer_scheme - allowed_cidrs = join(",", var.allowed_cidrs) - storageClassName = var.storageClassName - }) - ] -} diff --git a/modules/kubernetes/helm/prometheus/providers.tf b/modules/kubernetes/helm/prometheus/providers.tf deleted file mode 100644 index c1fb50d..0000000 --- a/modules/kubernetes/helm/prometheus/providers.tf +++ /dev/null 
@@ -1,49 +0,0 @@
-terraform {
- required_version = ">= 1.0"
-
- required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "~> 5.0"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = "~> 2.23"
- }
- helm = {
- source = "hashicorp/helm"
- version = "~> 2.11"
- }
- null = {
- source = "hashicorp/null"
- version = "~> 3.2"
- }
- }
-}
-
-# provider "aws" {
-# }
-
-# provider "kubernetes" {
-# host = data.aws_eks_cluster.cluster.endpoint
-# cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", var.cluster_name]
-# }
-# }
-
-# provider "helm" {
-# kubernetes {
-# host = data.aws_eks_cluster.cluster.endpoint
-# cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", var.cluster_name]
-# }
-# }
-# }
diff --git a/modules/kubernetes/helm/prometheus/values.yaml.tmpl b/modules/kubernetes/helm/prometheus/values.yaml.tmpl
deleted file mode 100644
index 826d167..0000000
--- a/modules/kubernetes/helm/prometheus/values.yaml.tmpl
+++ /dev/null
@@ -1,125 +0,0 @@ -server: - persistentVolume: - enabled: true - size: 20Gi - storageClass: ${storageClassName} - accessModes: - - ReadWriteOnce - emptyDir: {} - service: - type: LoadBalancer - port: 80 - targetPort: 9090 - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - service.beta.kubernetes.io/aws-load-balancer-scheme: ${load_balancer_scheme} - service.beta.kubernetes.io/aws-load-balancer-internal: "${load_balancer_scheme == "internal"}" - service.beta.kubernetes.io/aws-load-balancer-source-ranges: ${allowed_cidrs} - service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" - extraFlags: - - web.enable-lifecycle - - -alertmanager: - enabled: false - -nodeExporter: - enabled: true - -pushgateway: - enabled: true - -configmapReload: - prometheus: - enabled: true - -serverFiles: - alerts: {} - rules: {} - prometheus.yml: - # global: - # evaluation_interval: 1m - # scrape_interval: 1m - # scrape_timeout: 10s - - rule_files: - - /etc/config/recording_rules.yml - - /etc/config/alerting_rules.yml - - /etc/config/rules - - /etc/config/alerts - - scrape_configs: - - job_name: prometheus - static_configs: - - targets: - - localhost:9090 - - - job_name: null-platform-metrics - kubernetes_sd_configs: - - role: node - metrics_path: /metrics - relabel_configs: - - regex: (.*):10250 - replacement: $1:2021 - source_labels: - - __address__ - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - source_labels: - - __meta_kubernetes_node_name - target_label: node - scheme: http - - - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - job_name: kubernetes-apiservers - kubernetes_sd_configs: - - role: endpoints - relabel_configs: - - action: keep - regex: default;kubernetes;https - source_labels: - - __meta_kubernetes_namespace - - __meta_kubernetes_service_name - - __meta_kubernetes_endpoint_port_name - scheme: https - tls_config: - ca_file: 
/var/run/secrets/kubernetes.io/serviceaccount/ca.crt - - - job_name: kubernetes-nodes - kubernetes_sd_configs: - - role: node - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - target_label: __address__ - replacement: kubernetes.default.svc:443 - - source_labels: [__meta_kubernetes_node_name] - regex: (.+) - target_label: __metrics_path__ - replacement: /api/v1/nodes/${1}/proxy/metrics - - - job_name: kubernetes-pods - kubernetes_sd_configs: - - role: pod - relabel_configs: - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] - action: replace - regex: ([^:]+)(?::\d+)?;(\d+) - replacement: $1:$2 - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: kubernetes_namespace - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: kubernetes_pod_name diff --git a/modules/kubernetes/helm/prometheus/variables.tf b/modules/kubernetes/helm/prometheus/variables.tf deleted file mode 100644 index 65dd62a..0000000 --- a/modules/kubernetes/helm/prometheus/variables.tf +++ /dev/null 
@@ -1,27 +0,0 @@
-variable "namespace" {
- description = "The namespace to deploy Prometheus into"
- type = string
- default = "prometheus"
-}
-
-variable "allowed_cidrs" {
- description = "List of CIDR blocks allowed to access the Prometheus load balancer"
- type = list(string)
- default = ["0.0.0.0/0"] # Default to allow all, but should be restricted in production
-}
-
-variable "load_balancer_scheme" {
- description = "Load balancer scheme - 'internet-facing' for public access or 'internal' for private access"
- type = string
- default = "internal"
- validation {
- condition = contains(["internet-facing", "internal"], var.load_balancer_scheme)
- error_message = "Load balancer scheme must be either 'internet-facing' or 'internal'."
- }
-}
-
-variable "storageClassName" {
- description = "The storageClass name to use"
- type = string
- default = "gp2"
-}
diff --git a/modules/kubernetes/helm/vault/.terraform.lock.hcl b/modules/kubernetes/helm/vault/.terraform.lock.hcl
deleted file mode 100644
index 0e54886..0000000
--- a/modules/kubernetes/helm/vault/.terraform.lock.hcl
+++ /dev/null
@@ -1,90 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.99.1" - constraints = "~> 5.0" - hashes = [ - "h1:0jNckFqimGrHhRB88880ovIpmoE20xhjRb94GBdgjwo=", - "zh:13a07422f776dd97214dfa89d6a88340b99613cbb869013c756c1a68fd8cdd9d", - "zh:1841d422278afa25d42a8d3ea9197ad08cf092769bd2aa89056d25d4c2629df8", - "zh:269016c7ba09d76e42fbcf15de28f2de0595ff9a7304a0500011a4493d7a1551", - "zh:2b842c3d0f30e048c05a37752b9c07d316656f3caf79841d08a4f1b057555eb2", - "zh:6559eedc095f70a51460dc702613a9033734ba536c1de1ed86a735a3c8131e40", - "zh:6d43b2676630344db3a7d6ba8330d20993492168f124e19e040a0aa914ec832e", - "zh:7f5d5cb0c1a492080b668f456de50f5b91fc67018c05f12483added3faf703f6", - "zh:c3bb8094bf26565150229f1ca6014d41d1283b8a2b06a15b45cd5a6b4ce82e28", - "zh:e45bc994d0c6e1c0a0b70e8378f2f933e924f05c91061ed2a97ceaf282e08a25", - "zh:ee725d6fbc1dbaa5017e9eab6fa0aa7e107a4ed73a4a8e2acab6b5d3d54cd0e4", - ] -} - -provider "registry.opentofu.org/hashicorp/helm" { - version = "2.17.0" - constraints = "~> 2.11" - hashes = [ - "h1:ShIag7wqd5Rs+zYpVMpjAh+T0ozr4XGYfSTKWqceQBY=", - "zh:02690815e35131a42cb9851f63a3369c216af30ad093d05b39001d43da04b56b", - "zh:27a62f12b29926387f4d71aeeee9f7ffa0ccb81a1b6066ee895716ad050d1b7a", - "zh:2d0a5babfa73604b3fefc9dab9c87f91c77fce756c2e32b294e9f1290aed26c0", - "zh:3976400ceba6dda4636e1d297e3097e1831de5628afa534a166de98a70d1dcbe", - "zh:54440ef14f342b41d75c1aded7487bfcc3f76322b75894235b47b7e89ac4bfa4", - "zh:6512e2ab9f2fa31cbb90d9249647b5c5798f62eb1215ec44da2cdaa24e38ad25", - "zh:795f327ca0b8c5368af0ed03d5d4f6da7260692b4b3ca0bd004ed542e683464d", - "zh:ba659e1d94f224bc3f1fd34cbb9d2663e3a8e734108e5a58eb49eda84b140978", - "zh:c5c8575c4458835c2acbc3d1ed5570589b14baa2525d8fbd04295c097caf41eb", - "zh:e0877a5dac3de138e61eefa26b2f5a13305a17259779465899880f70e11314e0", - ] -} - -provider "registry.opentofu.org/hashicorp/kubernetes" { - version = 
"2.37.1" - constraints = "~> 2.23" - hashes = [ - "h1:UWJPvQZxW9Q6mxtUvIdnapPE8s8o4a2HUo53OInq9p4=", - "zh:22031e9995b3dc7ae497305dc6c5b7bf1a585c378d46446e724601f992cd9e11", - "zh:3614bc188ae5040d892671009c66f56cfcb3859e11f42ed7ffc1cee384b1275b", - "zh:5d925944ac961bbe5fb4917a3e7e6d9bc0bef2f3198f26e8d4cd1793d5eadde3", - "zh:67a86d1576eb67a58cc68f47bffd370b2f834fd909980acdab38a9b9b2c1c809", - "zh:90c34fe321f937b34392bdc6ee1f9fa42db1c5ff93341c58a96a8a0c1f18327f", - "zh:943b0fb6db1ce3b64e177f74ae7931f485ef47713df861f0e98d6838e75087ff", - "zh:9c6f0164bf64b0d7baac29bc74aa0879956cec6dc28a7f52b2582c9deffb8c21", - "zh:b1d555c2977a2d7c689f88b9f4b8db24c104692b9233191719d1b10ca724f159", - "zh:c4d2ce2148a55d7d7dc5986f02119cc71ccb86ec1e96773f4c9430fd2944fda4", - ] -} - -provider "registry.opentofu.org/hashicorp/local" { - version = "2.5.3" - hashes = [ - "h1:31Clmfoe7hzkcdgwuhUuGuPGfeG2Ksk+YWcJgzBTN7M=", - "zh:32e1d4b0595cea6cda4ca256195c162772ddff25594ab4008731a2ec7be230bf", - "zh:48c390af0c87df994ec9796f04ec2582bcac581fb81ed6bb58e0671da1c17991", - "zh:4be7289c969218a57b40902e2f359914f8d35a7f97b439140cb711aa21e494bd", - "zh:4cf958e631e99ed6c8b522c9b22e1f1b568c0bdadb01dd002ca7dffb1c927764", - "zh:7a0132c0faca4c4c96aa70808effd6817e28712bf5a39881666ac377b4250acf", - "zh:7d60de08fac427fb045e4590d1b921b6778498eee9eb16f78c64d4c577bde096", - "zh:91003bee5981e99ec3925ce2f452a5f743827f9d0e131a86613549c1464796f0", - "zh:9fe2fe75977c8149e2515fb30c6cc6cfd57b225d4ce592c570d81a3831d7ffa3", - "zh:e210e6be54933ce93e03d0994e520ba289aa01b2c1f70e77afb8f2ee796b0fe3", - "zh:e8793e5f9422f2b31a804e51806595f335b827c9a38db18766960464566f21d5", - ] -} - -provider "registry.opentofu.org/hashicorp/null" { - version = "3.2.4" - constraints = "~> 3.2" - hashes = [ - "h1:i+WKhUHL2REY5EGmiHjfUljJB8UKZ9QdhdM5uTeUhC4=", - "zh:1769783386610bed8bb1e861a119fe25058be41895e3996d9216dd6bb8a7aee3", - "zh:32c62a9387ad0b861b5262b41c5e9ed6e940eda729c2a0e58100e6629af27ddb", - 
"zh:339bf8c2f9733fce068eb6d5612701144c752425cebeafab36563a16be460fb2", - "zh:36731f23343aee12a7e078067a98644c0126714c4fe9ac930eecb0f2361788c4", - "zh:3d106c7e32a929e2843f732625a582e562ff09120021e510a51a6f5d01175b8d", - "zh:74bcb3567708171ad83b234b92c9d63ab441ef882b770b0210c2b14fdbe3b1b6", - "zh:90b55bdbffa35df9204282251059e62c178b0ac7035958b93a647839643c0072", - "zh:ae24c0e5adc692b8f94cb23a000f91a316070fdc19418578dcf2134ff57cf447", - "zh:b5c10d4ad860c4c21273203d1de6d2f0286845edf1c64319fa2362df526b5f58", - "zh:e05bbd88e82e1d6234988c85db62fd66f11502645838fff594a2ec25352ecd80", - ] -} diff --git a/modules/kubernetes/helm/vault/README.md b/modules/kubernetes/helm/vault/README.md deleted file mode 100644 index af4182e..0000000 --- a/modules/kubernetes/helm/vault/README.md +++ /dev/null 
@@ -1,66 +0,0 @@ -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | ~> 5.0 | -| [helm](#requirement\_helm) | ~> 2.11 | -| [kubernetes](#requirement\_kubernetes) | ~> 2.23 | -| [null](#requirement\_null) | ~> 3.2 | - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.99.1 | -| [helm](#provider\_helm) | 2.17.0 | -| [kubernetes](#provider\_kubernetes) | 2.37.1 | -| [local](#provider\_local) | 2.5.3 | -| [null](#provider\_null) | 3.2.4 | - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [trusting\_oidc](#module\_trusting\_oidc) | ../../../aws/data/iam/eks/trusting | n/a | - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_policy.vault_kms_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_iam_role.vault_kms_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy_attachment.vault_kms_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_kms_alias.vault_unseal](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource | -| [aws_kms_key.vault_unseal](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource | -| [helm_release.vault](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | -| [kubernetes_namespace.vault](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource | -| [kubernetes_service_account.vault](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account) | resource | -| 
[null_resource.vault_init](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | -| [local_file.vault_root_token](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | List of CIDR blocks allowed to access the load balancer | `list(string)` |
[
"0.0.0.0/0"
]
| no | -| [cluster\_name](#input\_cluster\_name) | Name of the Kubernetes cluster | `string` | n/a | yes | -| [kms\_key\_id](#input\_kms\_key\_id) | AWS KMS Key ID for auto-unseal | `string` | `""` | no | -| [load\_balancer\_scheme](#input\_load\_balancer\_scheme) | Load balancer scheme - 'internet-facing' for public access or 'internal' for private access | `string` | `"internal"` | no | -| [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet IDs for the load balancer | `list(string)` | n/a | yes | -| [vault\_namespace](#input\_vault\_namespace) | Kubernetes namespace for Vault | `string` | `"vault"` | no | -| [vault\_service\_account](#input\_vault\_service\_account) | Vault service account name | `string` | `"vault"` | no | -| [wait\_timeout](#input\_wait\_timeout) | The time it waits for pods to be ready | `string` | `"300s"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [vault\_iam\_role\_arn](#output\_vault\_iam\_role\_arn) | IAM Role ARN for Vault service account | -| [vault\_kms\_key\_id](#output\_vault\_kms\_key\_id) | KMS Key ID used for Vault auto-unseal | -| [vault\_root\_token](#output\_vault\_root\_token) | Vault root token for authentication | -| [vault\_service\_url](#output\_vault\_service\_url) | Vault service URL | -| [vault\_ui\_port\_forward\_command](#output\_vault\_ui\_port\_forward\_command) | Command to port-forward to Vault UI | diff --git a/modules/kubernetes/helm/vault/data.tf b/modules/kubernetes/helm/vault/data.tf deleted file mode 100644 index be8184f..0000000 --- a/modules/kubernetes/helm/vault/data.tf +++ /dev/null 
@@ -1,15 +0,0 @@
-data "aws_caller_identity" "current" {}
-
-data "aws_region" "current" {}
-
-data "aws_eks_cluster" "cluster" {
- name = var.cluster_name
-}
-
-module "trusting_oidc" {
- source = "../../../aws/data/iam/eks/trusting"
-
- cluster_name = var.cluster_name
- namespace = var.vault_namespace
- service_account_name = var.vault_service_account
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/vault/helm.tf b/modules/kubernetes/helm/vault/helm.tf
deleted file mode 100644
index cdf955c..0000000
--- a/modules/kubernetes/helm/vault/helm.tf
+++ /dev/null
@@ -1,104 +0,0 @@
-resource "helm_release" "vault" {
- name = "vault"
- repository = "https://helm.releases.hashicorp.com"
- chart = "vault"
- namespace = var.vault_namespace
- version = "0.28.0"
-
- values = [
- yamlencode({
- global = {
- enabled = true
- tlsDisable = true
- }
-
- injector = {
- enabled = true
- }
-
- server = {
- serviceAccount = {
- create = false
- name = var.vault_service_account
- }
-
- # Enable persistent storage with gp2
- dataStorage = {
- enabled = true
- size = "10Gi"
- storageClass = var.storageClassName
- }
-
- auditStorage = {
- enabled = false
- }
-
- # Remove custom volumes since we're using persistent storage
- volumes = []
- volumeMounts = []
-
- # Single instance, no HA
- ha = {
- enabled = false
- }
-
- # Simple configuration with file storage on ephemeral disk
- standalone = {
- enabled = true
- config = <<-EOT
- ui = true
-
- listener "tcp" {
- tls_disable = 1
- address = "[::]:8200"
- }
-
- storage "file" {
- path = "/vault/file"
- }
-
- seal "awskms" {
- region = "${data.aws_region.current.name}"
- kms_key_id = "${var.kms_key_id != "" ? var.kms_key_id : aws_kms_key.vault_unseal[0].key_id}"
- }
-
- disable_mlock = true
- EOT
- }
-
- service = {
- enabled = true
- type = "LoadBalancer"
- port = 8200
- annotations = {
- "service.beta.kubernetes.io/aws-load-balancer-type" = "nlb"
- "service.beta.kubernetes.io/aws-load-balancer-subnets" = join(",", var.public_subnet_ids)
- "service.beta.kubernetes.io/aws-load-balancer-scheme" = var.load_balancer_scheme
- "service.beta.kubernetes.io/aws-load-balancer-internal" = tostring(var.load_balancer_scheme == "internal")
- "service.beta.kubernetes.io/aws-load-balancer-ssl-ports" = "8200"
- "service.beta.kubernetes.io/aws-load-balancer-ssl-redirect" = "true"
- "service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy" = "ELBSecurityPolicy-TLS-1-2-2017-01"
- "service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled" = "true"
- "service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags" = "Name=${var.cluster_name}-vault"
- "service.beta.kubernetes.io/aws-load-balancer-source-ranges" = join(",", var.allowed_cidr_blocks)
- }
- }
-
- ingress = {
- enabled = false
- }
- }
-
- ui = {
- enabled = true
- serviceType = "ClusterIP"
- }
- })
- ]
-
- depends_on = [
- kubernetes_namespace.vault,
- kubernetes_service_account.vault,
- aws_iam_role_policy_attachment.vault_kms_policy_attachment
- ]
-}
diff --git a/modules/kubernetes/helm/vault/iam.tf b/modules/kubernetes/helm/vault/iam.tf
deleted file mode 100644
index 7b2cd69..0000000
--- a/modules/kubernetes/helm/vault/iam.tf
+++ /dev/null
@@ -1,37 +0,0 @@
-resource "aws_iam_role" "vault_kms_role" {
- name = "vault-kms-role-${var.cluster_name}"
-
- assume_role_policy = jsonencode(module.trusting_oidc.trusting)
- permissions_boundary = var.iam_role_permissions_boundary
-
-
-}
-
-
-# IAM policy for KMS access
-resource "aws_iam_policy" "vault_kms_policy" {
- name = "vault-kms-policy-${var.cluster_name}"
- description = "Policy for Vault to access KMS for auto-unseal"
-
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Effect = "Allow"
- Action = [
- "kms:Decrypt",
- "kms:Encrypt",
- "kms:GenerateDataKey",
- "kms:DescribeKey"
- ]
- Resource = var.kms_key_id != "" ? "arn:aws:kms:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:key/${var.kms_key_id}" : aws_kms_key.vault_unseal[0].arn
- }
- ]
- })
-}
-
-# Attach policy to role
-resource "aws_iam_role_policy_attachment" "vault_kms_policy_attachment" {
- role = aws_iam_role.vault_kms_role.name
- policy_arn = aws_iam_policy.vault_kms_policy.arn
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/vault/kms.tf b/modules/kubernetes/helm/vault/kms.tf
deleted file mode 100644
index bb04883..0000000
--- a/modules/kubernetes/helm/vault/kms.tf
+++ /dev/null
@@ -1,29 +0,0 @@
-resource "aws_kms_key" "vault_unseal" {
- count = var.kms_key_id == "" ? 1 : 0
- description = "KMS key for Vault auto-unseal"
-
- policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
- {
- Sid = "Enable IAM User Permissions"
- Effect = "Allow"
- Principal = {
- AWS = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
- }
- Action = "kms:*"
- Resource = "*"
- }
- ]
- })
-
- tags = {
- Name = "vault-auto-unseal-${var.cluster_name}"
- }
-}
-
-resource "aws_kms_alias" "vault_unseal" {
- count = var.kms_key_id == "" ? 1 : 0
- name = "alias/vault-auto-unseal-${var.cluster_name}"
- target_key_id = aws_kms_key.vault_unseal[0].key_id
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/vault/kubernetes.tf b/modules/kubernetes/helm/vault/kubernetes.tf
deleted file mode 100644
index 2437a37..0000000
--- a/modules/kubernetes/helm/vault/kubernetes.tf
+++ /dev/null
@@ -1,70 +0,0 @@
-# Kubernetes namespace
-resource "kubernetes_namespace" "vault" {
- metadata {
- name = var.vault_namespace
- }
-}
-
-# Kubernetes service account with IAM role annotation
-resource "kubernetes_service_account" "vault" {
- metadata {
- name = var.vault_service_account
- namespace = var.vault_namespace
- annotations = {
- "eks.amazonaws.com/role-arn" = aws_iam_role.vault_kms_role.arn
- }
- }
- depends_on = [kubernetes_namespace.vault]
-}
-
-resource "null_resource" "vault_init" {
- provisioner "local-exec" {
- command = <<-EOT
- # Wait for Vault pods to be ready
- kubectl wait --for=condition=ready pod -l app.kubernetes.io/name=vault -n ${var.vault_namespace} --timeout=${var.wait_timeout}
-
- # Check if Vault is already initialized
- if kubectl exec -n ${var.vault_namespace} vault-0 -- vault status | grep -q "Initialized.*true"; then
- echo "Vault is already initialized"
-
- # Try to get existing root token from secret
- if kubectl get secret vault-root-token -n ${var.vault_namespace} >/dev/null 2>&1; then
- ROOT_TOKEN=$(kubectl get secret vault-root-token -n ${var.vault_namespace} -o jsonpath='{.data.token}' | base64 -d)
- echo "Retrieved existing root token"
- else
- echo "Warning: Vault is initialized but no root token found in secrets"
- ROOT_TOKEN=""
- fi
- else
- echo "Initializing Vault..."
-
- # Initialize Vault and save output
- kubectl exec -n ${var.vault_namespace} vault-0 -- vault operator init -format=json > /tmp/vault-init.json
-
- # Extract root token
- ROOT_TOKEN=$(cat /tmp/vault-init.json | jq -r '.root_token')
-
- # Create Kubernetes secret for root token
- kubectl create secret generic vault-root-token -n ${var.vault_namespace} \
- --from-literal=token="$ROOT_TOKEN" \
- --dry-run=client -o yaml | kubectl apply -f -
-
- echo "Vault initialized successfully with auto-unseal"
- echo "Root token stored in vault-root-token secret"
- fi
-
- # Save root token to file for Terraform to read
- echo -n "$ROOT_TOKEN" > /tmp/vault-root-token.txt
-
- # Output the token (will be captured by Terraform)
- echo "VAULT_ROOT_TOKEN=$ROOT_TOKEN"
- EOT
- }
-
- # Force re-run when dependencies change
- triggers = {
- vault_deployment = helm_release.vault.metadata[0].revision
- }
-
- depends_on = [helm_release.vault]
-}
diff --git a/modules/kubernetes/helm/vault/output.tf b/modules/kubernetes/helm/vault/output.tf
deleted file mode 100644
index 376d6b3..0000000
--- a/modules/kubernetes/helm/vault/output.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-output "vault_kms_key_id" {
- description = "KMS Key ID used for Vault auto-unseal"
- value = var.kms_key_id != "" ? var.kms_key_id : aws_kms_key.vault_unseal[0].key_id
-}
-
-output "vault_iam_role_arn" {
- description = "IAM Role ARN for Vault service account"
- value = aws_iam_role.vault_kms_role.arn
-}
-
-output "vault_service_url" {
- description = "Vault service URL"
- value = "http://vault.${var.vault_namespace}.svc.cluster.local:8200"
-}
-
-output "vault_ui_port_forward_command" {
- description = "Command to port-forward to Vault UI"
- value = "kubectl port-forward -n ${var.vault_namespace} svc/vault 8200:8200"
-}
-
-data "local_file" "vault_root_token" {
- filename = "/tmp/vault-root-token.txt"
- depends_on = [null_resource.vault_init]
-}
-
-# Output the root token
-output "vault_root_token" {
- description = "Vault root token for authentication"
- value = data.local_file.vault_root_token.content
- sensitive = true
-}
\ No newline at end of file
diff --git a/modules/kubernetes/helm/vault/providers.tf b/modules/kubernetes/helm/vault/providers.tf
deleted file mode 100644
index a7bf91c..0000000
--- a/modules/kubernetes/helm/vault/providers.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-# Provider configuration
-terraform {
- required_version = ">= 1.0"
-
- required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "~> 5.0"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = "~> 2.23"
- }
- helm = {
- source = "hashicorp/helm"
- version = "~> 2.11"
- }
- null = {
- source = "hashicorp/null"
- version = "~> 3.2"
- }
- }
-}
-
-# # Configure providers
-# provider "aws" {
-# }
-#
-# provider "kubernetes" {
-# host = data.aws_eks_cluster.cluster.endpoint
-# cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-#
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", var.cluster_name]
-# }
-# }
-#
-# provider "helm" {
-# kubernetes {
-# host = data.aws_eks_cluster.cluster.endpoint
-# cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
-#
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", var.cluster_name]
-# }
-# }
-# }
diff --git a/modules/kubernetes/helm/vault/variables.tf b/modules/kubernetes/helm/vault/variables.tf
deleted file mode 100644
index a9cc66b..0000000
--- a/modules/kubernetes/helm/vault/variables.tf
+++ /dev/null
@@ -1,61 +0,0 @@ -variable "cluster_name" { - description = "Name of the Kubernetes cluster" - type = string -} - -variable "vault_namespace" { - description = "Kubernetes namespace for Vault" - type = string - default = "vault" -} - -variable "wait_timeout" { - description = "The time it waits for pods to be ready" - type = string - default = "300s" -} - -variable "kms_key_id" { - description = "AWS KMS Key ID for auto-unseal" - type = string - default = "" -} - -variable "vault_service_account" { - description = "Vault service account name" - type = string - default = "vault" -} - -variable "public_subnet_ids" { - description = "List of public subnet IDs for the load balancer" - type = list(string) -} - -variable "allowed_cidr_blocks" { - description = "List of CIDR blocks allowed to access the load balancer" - type = list(string) - default = ["0.0.0.0/0"] -} - -variable "load_balancer_scheme" { - description = "Load balancer scheme - 'internet-facing' for public access or 'internal' for private access" - type = string - default = "internal" - validation { - condition = contains(["internet-facing", "internal"], var.load_balancer_scheme) - error_message = "Load balancer scheme must be either 'internet-facing' or 'internal'." - } -} - -variable "iam_role_permissions_boundary" { - description = "ARN of the policy that is used to set the permissions boundary for the IAM role" - type = string - default = null -} - -variable "storageClassName" { - description = "The storageClass name to use" - type = string - default = "gp2" -} diff --git a/modules/nullplatform/README.md b/modules/nullplatform/README.md deleted file mode 100644 index 5ca9045..0000000 --- a/modules/nullplatform/README.md +++ /dev/null @@ -1,23 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -No providers. - -## Modules - -No modules. - -## Resources - -No resources. - -## Inputs - -No inputs. - -## Outputs - -No outputs. 
diff --git a/modules/nullplatform/dimensions/README.md b/modules/nullplatform/dimensions/README.md deleted file mode 100644 index 1cb5953..0000000 --- a/modules/nullplatform/dimensions/README.md +++ /dev/null @@ -1,34 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | n/a | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_dimension.environment](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/dimension) | resource | -| [nullplatform_dimension_value.environment_value](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/dimension_value) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [environments](#input\_environments) | The list of environments | `list(string)` |
[
"development",
"staging",
"production"
]
| no | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [ids](#output\_ids) | The Ids of the dimensions created | -| [names](#output\_names) | The names of the dimensions created | diff --git a/modules/nullplatform/dimensions/backend.tf b/modules/nullplatform/dimensions/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/dimensions/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} diff --git a/modules/nullplatform/dimensions/outputs.tf b/modules/nullplatform/dimensions/outputs.tf deleted file mode 100644 index 7b63183..0000000 --- a/modules/nullplatform/dimensions/outputs.tf +++ /dev/null @@ -1,9 +0,0 @@ -output "ids" { - description = "The Ids of the dimensions created" - value = [for env in nullplatform_dimension_value.environment_value : env.id] -} - -output "names" { - description = "The names of the dimensions created" - value = var.environments -} diff --git a/modules/nullplatform/dimensions/variables.tf b/modules/nullplatform/dimensions/variables.tf deleted file mode 100644 index e83a07a..0000000 --- a/modules/nullplatform/dimensions/variables.tf +++ /dev/null @@ -1,14 +0,0 @@ -################################################################################ -# General Variables from root module -################################################################################ - -variable "nrn" { - type = string - description = "The null platform nrn" -} - -variable "environments" { - type = list(string) - description = "The list of environments" - default = ["development", "staging", "production"] -} diff --git a/modules/nullplatform/provider/asset/docker-server/README.md b/modules/nullplatform/provider/asset/docker-server/README.md deleted file mode 100644 index 398ca4c..0000000 
--- a/modules/nullplatform/provider/asset/docker-server/README.md +++ /dev/null @@ -1,33 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | n/a | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.docker_server](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [login\_server](#input\_login\_server) | Docker Login server name | `string` | n/a | yes | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [password](#input\_password) | Docker password | `string` | n/a | yes | -| [path](#input\_path) | Path to the registry created | `string` | n/a | yes | -| [username](#input\_username) | Docker username | `string` | `"_json_key_base64"` | no | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/asset/docker-server/backend.tf b/modules/nullplatform/provider/asset/docker-server/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/asset/docker-server/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} diff --git a/modules/nullplatform/provider/asset/ecr/.terraform.lock.hcl b/modules/nullplatform/provider/asset/ecr/.terraform.lock.hcl deleted file mode 100644 index f269b36..0000000 --- a/modules/nullplatform/provider/asset/ecr/.terraform.lock.hcl +++ /dev/null 
@@ -1,41 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/azurerm" { - version = "4.19.0" - hashes = [ - "h1:nYJrDZgta67mFtKdd8ypCdxcAPvdz1vAabb4yh6ms8g=", - "zh:2ad30ba69767c30c1a97ceac3fd9f3c20d4a503f9bc0d2390929fe1bf993e882", - "zh:3103558709ba3d2903c18d590e81f7f6c603ffdcb5102fea42c41223e986ece6", - "zh:62d184427b38cc7befbae1e190431201b2d5bf214d55bba1fe65ffe53554a2b2", - "zh:761cc8f1a87e8215a55439891c1596b3522cdbddbb8784b57d21ff3140dacc09", - "zh:970cd1530c95621ab261e39183e2a516859744f16f9a198acd6fb4c39b2aa7a9", - "zh:9dcb1c531c43e34f75d1f01f0d5f0a7c13ba8049ac6f3177f56b08faa4254714", - "zh:b581aea03dbbee771f75c3cc3c0660a735544f9d91cc3dbf41ebf0ed764057be", - "zh:b7e5b92e8eba1b1bf8ce47925ff4e53f96351f4d88ce5a0bbd72b0b83f799537", - "zh:cf1e1698713b20425deffc3e52c4eea345fbb422c0acf1bef32777657096ec30", - "zh:ea9eb7fe756f498c3c46bfbb87bff3e58892751ce90b521ef87f6736132fad09", - ] -} - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - 
"zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/asset/ecr/README.md b/modules/nullplatform/provider/asset/ecr/README.md deleted file mode 100644 index a9c25aa..0000000 --- a/modules/nullplatform/provider/asset/ecr/README.md +++ /dev/null @@ -1,33 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.ecr](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [application\_manager\_role](#input\_application\_manager\_role) | The IAM role arn used to create repositories on an application creation | `string` | n/a | yes | -| [build\_workflow\_user\_access\_key\_id](#input\_build\_workflow\_user\_access\_key\_id) | AWS Access key used by Nullplatform to push images to ECR | `string` | n/a | yes | -| [build\_workflow\_user\_secret\_access\_key](#input\_build\_workflow\_user\_secret\_access\_key) | AWS Secret key used by Nullplatform to push images to ECR | `string` | n/a | yes | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [region](#input\_region) | ECR AWS region | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/asset/ecr/backend.tf b/modules/nullplatform/provider/asset/ecr/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/asset/ecr/backend.tf +++ /dev/null 
@@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} diff --git a/modules/nullplatform/provider/asset/ecr/main.tf b/modules/nullplatform/provider/asset/ecr/main.tf deleted file mode 100644 index 6d1cec7..0000000 --- a/modules/nullplatform/provider/asset/ecr/main.tf +++ /dev/null @@ -1,18 +0,0 @@ -resource "nullplatform_provider_config" "ecr" { - provider = nullplatform - nrn = var.nrn - type = "ecr" - dimensions = {} - attributes = jsonencode({ - "ci" : { - "region" : var.region, - "access_key" : var.build_workflow_user_access_key_id - "secret_key" : var.build_workflow_user_secret_access_key - }, - "setup" : { - "region" : var.region, - "role_arn" : var.application_manager_role - } - }) -} - diff --git a/modules/nullplatform/provider/asset/ecr/variables.tf b/modules/nullplatform/provider/asset/ecr/variables.tf deleted file mode 100644 index 05339ba..0000000 --- a/modules/nullplatform/provider/asset/ecr/variables.tf +++ /dev/null @@ -1,24 +0,0 @@ -variable "nrn" { - type = string - description = "The null platform nrn" -} - -variable "region" { - description = "ECR AWS region" - type = string -} - -variable "build_workflow_user_access_key_id" { - description = "AWS Access key used by Nullplatform to push images to ECR" - type = string -} - -variable "build_workflow_user_secret_access_key" { - description = "AWS Secret key used by Nullplatform to push images to ECR" - type = string -} - -variable "application_manager_role" { - description = "The IAM role arn used to create repositories on an application creation" - type = string -} diff --git a/modules/nullplatform/provider/asset/s3/.terraform.lock.hcl b/modules/nullplatform/provider/asset/s3/.terraform.lock.hcl deleted file mode 100644 index f269b36..0000000 --- a/modules/nullplatform/provider/asset/s3/.terraform.lock.hcl +++ /dev/null 
@@ -1,41 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/azurerm" { - version = "4.19.0" - hashes = [ - "h1:nYJrDZgta67mFtKdd8ypCdxcAPvdz1vAabb4yh6ms8g=", - "zh:2ad30ba69767c30c1a97ceac3fd9f3c20d4a503f9bc0d2390929fe1bf993e882", - "zh:3103558709ba3d2903c18d590e81f7f6c603ffdcb5102fea42c41223e986ece6", - "zh:62d184427b38cc7befbae1e190431201b2d5bf214d55bba1fe65ffe53554a2b2", - "zh:761cc8f1a87e8215a55439891c1596b3522cdbddbb8784b57d21ff3140dacc09", - "zh:970cd1530c95621ab261e39183e2a516859744f16f9a198acd6fb4c39b2aa7a9", - "zh:9dcb1c531c43e34f75d1f01f0d5f0a7c13ba8049ac6f3177f56b08faa4254714", - "zh:b581aea03dbbee771f75c3cc3c0660a735544f9d91cc3dbf41ebf0ed764057be", - "zh:b7e5b92e8eba1b1bf8ce47925ff4e53f96351f4d88ce5a0bbd72b0b83f799537", - "zh:cf1e1698713b20425deffc3e52c4eea345fbb422c0acf1bef32777657096ec30", - "zh:ea9eb7fe756f498c3c46bfbb87bff3e58892751ce90b521ef87f6736132fad09", - ] -} - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - 
"zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/asset/s3/README.md b/modules/nullplatform/provider/asset/s3/README.md deleted file mode 100644 index a1e0dad..0000000 --- a/modules/nullplatform/provider/asset/s3/README.md +++ /dev/null @@ -1,30 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.s3](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [lambda\_assets\_bucket](#input\_lambda\_assets\_bucket) | Bucket where assets for lambda functions are stored | `string` | n/a | yes | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/asset/s3/backend.tf b/modules/nullplatform/provider/asset/s3/backend.tf deleted file mode 100644 index 8886af7..0000000 --- a/modules/nullplatform/provider/asset/s3/backend.tf +++ /dev/null @@ -1,10 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - azurerm = { - source = "hashicorp/azurerm" - } - } -} diff --git a/modules/nullplatform/provider/asset/s3/main.tf b/modules/nullplatform/provider/asset/s3/main.tf deleted file mode 100644 index 04a8206..0000000 --- a/modules/nullplatform/provider/asset/s3/main.tf +++ /dev/null 
@@ -1,11 +0,0 @@
-resource "nullplatform_provider_config" "s3" {
- provider = nullplatform
- nrn = var.nrn
- type = "s3-configuration"
- dimensions = {}
- attributes = jsonencode({
- "bucket" : {
- "name" : var.lambda_assets_bucket
- }
- })
-}
diff --git a/modules/nullplatform/provider/asset/s3/variables.tf b/modules/nullplatform/provider/asset/s3/variables.tf
deleted file mode 100644
index f733abd..0000000
--- a/modules/nullplatform/provider/asset/s3/variables.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "lambda_assets_bucket" {
- description = "Bucket where assets for lambda functions are stored"
- type = string
-}
diff --git a/modules/nullplatform/provider/cloud/README.md b/modules/nullplatform/provider/cloud/README.md
deleted file mode 100644
index 5ca9045..0000000
--- a/modules/nullplatform/provider/cloud/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/nullplatform/provider/cloud/aws/.terraform.lock.hcl b/modules/nullplatform/provider/cloud/aws/.terraform.lock.hcl
deleted file mode 100644
index 8ef8c42..0000000
--- a/modules/nullplatform/provider/cloud/aws/.terraform.lock.hcl
+++ /dev/null
@@ -1,46 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "6.10.0" - hashes = [ - "h1:3+TkVoKllN+U48xMQjZCB692MigTQCLkEfug6aYMG/c=", - "zh:3c92efebaf635372bf7283e04fc667d59b0ff3cf1aacd011fc484a11f70954d9", - "zh:404b2a1d360851e63f25945406f2d0c2cb9c20b361552ce01bf7fe3df516a5bf", - "zh:523b1640e2b9e2b548876a1dccc627c290f342255d727568fe4becfd9a8f5689", - "zh:697adf10c76384195303650555229129d64135f5be3abf95da0bf4b6de742054", - "zh:69d6177e3e106518844373871d4e6377003336761aab884da32f66b034229b5c", - "zh:6a41899ce8ab9cdd6f706160fd350951e5f3fc1432a37e638d3576a780c686fd", - "zh:6e8fd28299d6bf0ab6922cf987757e578f357a45ac45abc312688580dbde3bee", - "zh:7ca4bfb5a8f89586dd0c8dd9c1e638a03bc7c6f456bcc29be57cfb7bdc90fc30", - "zh:8fe1f6e0a2718318bae3f53a4fb77bc9eaef0fc4131145996f48482b135830c6", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b221cfbc9f19ad30719b773f05f45571e88b124c15c35ac230021df1bb1110f5", - "zh:b458c357b5f38092e374957e51827d9113447696deccf0cb01f5684d976e7725", - "zh:b7fbb1b05972d73d72af58a2179ac124c6d69a4f0392aa2ce4dc855e78f52268", - "zh:d95da0dc45df0f30005e17c5206addbd62b0471c265d9855fe8039bf6f2adef7", - "zh:db5dd4120c6ab6ae13df67353a9bc902ac34d01c1d297812d628ebf61dc6f681", - ] -} - -provider "registry.terraform.io/nullplatform/nullplatform" { - version = "0.0.67" - hashes = [ - "h1:zSLxZP4h6M9BvwZJioiBee91ezjobz9/Od0/Z0jboaE=", - "zh:10f229fa98947f36131f0a47333009e5ce00a355fb4ff5586e812d61691d5367", - "zh:1961d95c204f5f4976961b65843695c99b64746ec53dbe5d965a19fe52e9f448", - "zh:20e2f782a10fd3f6c9a0e154cebae36abbe74fe591f47453d3b08f8eb0fc049e", - "zh:2e60dcdfea18d1d975be05bcda94ab748be6ba6ea9eba4250d9bbfe08cb3a6c6", - "zh:343b1ca672061ef1c30e45aa02b70901be2db4d9ea4bdb67101483f00fe4d503", - "zh:54d94184600350360b14499bcbe75ded1df0afa5b52cb9f1de940259efee1dc9", - 
"zh:56ce4326785d8f3c8ee510cc4b8a05878b611a997552ffbc1d52d449a5fbbb1f", - "zh:7b6fda50448ff0a2573d6695216442f50159fbc6cc769c24a3d2e49286c76028", - "zh:8fce4e5808f7dc28f631a0408ae5a488e2c45f1a6da00bc3c4496066f99a7513", - "zh:ab42579c18cfda2c9172bff516e87efe6b7b0958aa31905f0d60c9ac74f583a8", - "zh:b89246315045a4c49a2cda19a3c398cc6c749b23ae8fdfbb592c68e9ae88b8ba", - "zh:ca54131274159aff9a45d795c816e2df1175a6912b0bd880dda98a269ea641ae", - "zh:d36e6d9e8bf62b2650bf8d5d118db7c8ff44f701d4d88c4ec8df7d13fc6f9780", - "zh:e3c59713748c8b0204e55bab117b864515adaa5e62afb0667a65bb4c7d998fa2", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/cloud/aws/README.md b/modules/nullplatform/provider/cloud/aws/README.md deleted file mode 100644 index 03f0c57..0000000 --- a/modules/nullplatform/provider/cloud/aws/README.md +++ /dev/null 
@@ -1,39 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | 5.87.0 | -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.aws](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [domain\_name](#input\_domain\_name) | n/a | `string` | n/a | yes | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [hosted\_public\_zone\_id](#input\_hosted\_public\_zone\_id) | The Hosted zone if for the public dns | `string` | n/a | yes | -| [hosted\_zone\_id](#input\_hosted\_zone\_id) | The Hosted zone if for the private dns | `string` | n/a | yes | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [region](#input\_region) | n/a | `string` | n/a | yes | -| [scope\_manager\_role](#input\_scope\_manager\_role) | Add admin role to the aws-auth configmap | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/cloud/aws/backend.tf b/modules/nullplatform/provider/cloud/aws/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/cloud/aws/backend.tf +++ /dev/null 
@@ -1,7 +0,0 @@
-terraform {
- required_providers {
- nullplatform = {
- source = "nullplatform/nullplatform"
- }
- }
-}
diff --git a/modules/nullplatform/provider/cloud/aws/locals.tf b/modules/nullplatform/provider/cloud/aws/locals.tf
deleted file mode 100644
index f315038..0000000
--- a/modules/nullplatform/provider/cloud/aws/locals.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-locals {
- dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions)
-}
diff --git a/modules/nullplatform/provider/cloud/aws/main.tf b/modules/nullplatform/provider/cloud/aws/main.tf
deleted file mode 100644
index dc9a07d..0000000
--- a/modules/nullplatform/provider/cloud/aws/main.tf
+++ /dev/null
@@ -1,21 +0,0 @@
-resource "nullplatform_provider_config" "aws" {
- provider = nullplatform
- nrn = var.nrn
- type = "aws-configuration"
- dimensions = local.dimensions
- attributes = jsonencode({
- iam = {
- scope_workflow_role = var.scope_manager_role
- }
- account = {
- id = data.aws_caller_identity.current.account_id
- region = var.region
- }
- networking = {
- application_domain = var.application_domain
- domain_name = var.domain_name
- hosted_zone_id = var.hosted_zone_id
- hosted_public_zone_id = var.hosted_public_zone_id
- }
- })
-}
diff --git a/modules/nullplatform/provider/cloud/aws/variables.tf b/modules/nullplatform/provider/cloud/aws/variables.tf
deleted file mode 100644
index c9cdce5..0000000
--- a/modules/nullplatform/provider/cloud/aws/variables.tf
+++ /dev/null
@@ -1,50 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "region" {
- type = string
-}
-
-variable "domain_name" {
- type = string
-}
-
-variable "scope_manager_role" {
- type = string
- description = "Add admin role to the aws-auth configmap"
-}
-
-variable "hosted_zone_id" {
- type = string
- description = "The Hosted zone if for the private dns"
-}
-
-variable "hosted_public_zone_id" {
- type = string
- description = "The Hosted zone if for the public dns"
-}
-
-variable "application_domain" {
- type = bool
- description = "Enable application domain in networking configuration"
- default = true
-}
diff --git a/modules/nullplatform/provider/cloud/gcp/.terraform.lock.hcl b/modules/nullplatform/provider/cloud/gcp/.terraform.lock.hcl
deleted file mode 100644
index 061eabe..0000000
--- a/modules/nullplatform/provider/cloud/gcp/.terraform.lock.hcl
+++ /dev/null
@@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - "zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/cloud/gcp/README.md b/modules/nullplatform/provider/cloud/gcp/README.md deleted file mode 100644 index 0e03f8f..0000000 --- a/modules/nullplatform/provider/cloud/gcp/README.md +++ /dev/null 
@@ -1,38 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.gcp](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [credentials\_file](#input\_credentials\_file) | Base64 credentials file | `string` | n/a | yes | -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [domain\_name](#input\_domain\_name) | Domain name | `string` | n/a | yes | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [private\_dns\_zone\_name](#input\_private\_dns\_zone\_name) | gcp private zone name | `string` | n/a | yes | -| [project\_id](#input\_project\_id) | ID del Proyecto en GCP | `string` | n/a | yes | -| [public\_dns\_zone\_name](#input\_public\_dns\_zone\_name) | gcp public zone name | `string` | n/a | yes | -| [use\_application\_domain](#input\_use\_application\_domain) | false | `bool` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/cloud/gcp/backend.tf b/modules/nullplatform/provider/cloud/gcp/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/cloud/gcp/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} 
diff --git a/modules/nullplatform/provider/cloud/gcp/locals.tf b/modules/nullplatform/provider/cloud/gcp/locals.tf
deleted file mode 100644
index f315038..0000000
--- a/modules/nullplatform/provider/cloud/gcp/locals.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-locals {
- dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions)
-}
diff --git a/modules/nullplatform/provider/cloud/gcp/main.tf b/modules/nullplatform/provider/cloud/gcp/main.tf
deleted file mode 100644
index f514c81..0000000
--- a/modules/nullplatform/provider/cloud/gcp/main.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-resource "nullplatform_provider_config" "gcp" {
- nrn = var.nrn
- type = "google-cloud-configuration"
- dimensions = var.dimensions
- attributes = jsonencode({
- "project" : {
- "id" : var.project_id
- },
- "networking" : {
- "domain_name" : var.domain_name,
- "application_domain" : var.use_application_domain,
- "public_dns_zone_name" : var.public_dns_zone_name
- "private_dns_zone_name" : var.private_dns_zone_name
- },
- "authentication" : {
- "service_account_key" : var.credentials_file
- }
- })
-}
diff --git a/modules/nullplatform/provider/cloud/gcp/variables.tf b/modules/nullplatform/provider/cloud/gcp/variables.tf
deleted file mode 100644
index 9fe9e0f..0000000
--- a/modules/nullplatform/provider/cloud/gcp/variables.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "project_id" {
- type = string
- description = "ID del Proyecto en GCP"
-}
-
-variable "domain_name" {
- description = "Domain name"
- type = string
-}
-
-variable "public_dns_zone_name" {
- description = "gcp public zone name"
- type = string
-}
-
-variable "private_dns_zone_name" {
- description = "gcp private zone name"
- type = string
-}
-
-variable "use_application_domain" {
- description = false
- type = bool
-}
-
-variable "credentials_file" {
- description = "Base64 credentials file"
- type = string
-}
diff --git a/modules/nullplatform/provider/code/github/README.md b/modules/nullplatform/provider/code/github/README.md
deleted file mode 100644
index 58a7b3c..0000000
--- a/modules/nullplatform/provider/code/github/README.md
+++ /dev/null
@@ -1,31 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [nullplatform](#provider\_nullplatform) | n/a |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [nullplatform_provider_config.github](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes |
-| [organization](#input\_organization) | The github organization to associate to nullplatform. | `string` | n/a | yes |
-| [organization\_installation\_id](#input\_organization\_installation\_id) | The github installation id after installing the organization to Nullplatform github application. | `string` | n/a | yes |
-
-## Outputs
-
-No outputs.
diff --git a/modules/nullplatform/provider/code/github/backend.tf b/modules/nullplatform/provider/code/github/backend.tf
deleted file mode 100644
index 8886af7..0000000
--- a/modules/nullplatform/provider/code/github/backend.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-terraform {
- required_providers {
- nullplatform = {
- source = "nullplatform/nullplatform"
- }
- azurerm = {
- source = "hashicorp/azurerm"
- }
- }
-}
diff --git a/modules/nullplatform/provider/code/github/main.tf b/modules/nullplatform/provider/code/github/main.tf
deleted file mode 100644
index ed69e6b..0000000
--- a/modules/nullplatform/provider/code/github/main.tf
+++ /dev/null
@@ -1,13 +0,0 @@
-resource "nullplatform_provider_config" "github" {
- nrn = try(regex("(.*):namespace.*", var.nrn)[0], var.nrn)
- type = "github-configuration"
- dimensions = {}
- attributes = jsonencode({
- "setup" : {
- "organization" : var.organization,
- "installation_id" : var.organization_installation_id,
- },
- }
- )
-}
-
diff --git a/modules/nullplatform/provider/code/github/variables.tf b/modules/nullplatform/provider/code/github/variables.tf
deleted file mode 100644
index b4a03fc..0000000
--- a/modules/nullplatform/provider/code/github/variables.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "organization" {
- type = string
- description = "The github organization to associate to nullplatform."
-}
-
-variable "organization_installation_id" {
- type = string
- description = "The github installation id after installing the organization to Nullplatform github application."
-}
diff --git a/modules/nullplatform/provider/compute/ec2/.terraform.lock.hcl b/modules/nullplatform/provider/compute/ec2/.terraform.lock.hcl
deleted file mode 100644
index 061eabe..0000000
--- a/modules/nullplatform/provider/compute/ec2/.terraform.lock.hcl
+++ /dev/null
@@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - "zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/compute/ec2/README.md b/modules/nullplatform/provider/compute/ec2/README.md deleted file mode 100644 index 53cb5bb..0000000 --- a/modules/nullplatform/provider/compute/ec2/README.md +++ /dev/null 
@@ -1,36 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.ec2](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [ami\_id](#input\_ami\_id) | AMI Id used to launch to EC2 instances | `string` | `"ami-0a6dd292b2a2a778c"` | no | -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [instance\_profile](#input\_instance\_profile) | The IAM Instance profile to attach to EC2 instances | `string` | n/a | yes | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [parameters\_bucket](#input\_parameters\_bucket) | The parameters bucket storage | `string` | n/a | yes | -| [parameters\_encryption\_secret](#input\_parameters\_encryption\_secret) | The parameters bucket storage encryption key | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/compute/ec2/backend.tf b/modules/nullplatform/provider/compute/ec2/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/compute/ec2/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} 
diff --git a/modules/nullplatform/provider/compute/ec2/locals.tf b/modules/nullplatform/provider/compute/ec2/locals.tf
deleted file mode 100644
index f315038..0000000
--- a/modules/nullplatform/provider/compute/ec2/locals.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-locals {
- dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions)
-}
diff --git a/modules/nullplatform/provider/compute/ec2/main.tf b/modules/nullplatform/provider/compute/ec2/main.tf
deleted file mode 100644
index bfc9743..0000000
--- a/modules/nullplatform/provider/compute/ec2/main.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-resource "nullplatform_provider_config" "ec2" {
- provider = nullplatform
- nrn = var.nrn
- type = "ec2-configuration"
- dimensions = local.dimensions
- attributes = jsonencode({
- ami = {
- id = var.ami_id
- },
- storage = {
- parameters_bucket = var.parameters_bucket
- parameters_encryption_secret = var.parameters_encryption_secret
- },
- security = {
- # ssh_key = var.ec2_ssh_key_name
- iam_profile = var.instance_profile
-
- }
- })
-}
diff --git a/modules/nullplatform/provider/compute/ec2/variables.tf b/modules/nullplatform/provider/compute/ec2/variables.tf
deleted file mode 100644
index 20a141e..0000000
--- a/modules/nullplatform/provider/compute/ec2/variables.tf
+++ /dev/null
@@ -1,43 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "ami_id" {
- type = string
- description = "AMI Id used to launch to EC2 instances"
- default = "ami-0a6dd292b2a2a778c" #null-runtime-58
-}
-
-variable "parameters_bucket" {
- type = string
- description = "The parameters bucket storage"
-}
-
-variable "parameters_encryption_secret" {
- type = string
- description = "The parameters bucket storage encryption key"
-}
-
-variable "instance_profile" {
- type = string
- description = "The IAM Instance profile to attach to EC2 instances"
-}
-
diff --git a/modules/nullplatform/provider/compute/lambda/.terraform.lock.hcl b/modules/nullplatform/provider/compute/lambda/.terraform.lock.hcl
deleted file mode 100644
index 061eabe..0000000
--- a/modules/nullplatform/provider/compute/lambda/.terraform.lock.hcl
+++ /dev/null
@@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - "zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/compute/lambda/README.md b/modules/nullplatform/provider/compute/lambda/README.md deleted file mode 100644 index 9808a0c..0000000 --- a/modules/nullplatform/provider/compute/lambda/README.md +++ /dev/null 
@@ -1,33 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.lambda](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [lambda\_function\_role\_arn](#input\_lambda\_function\_role\_arn) | The IAM Role arn to deploy Lambda functions | `string` | n/a | yes | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/compute/lambda/backend.tf b/modules/nullplatform/provider/compute/lambda/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/compute/lambda/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} diff --git a/modules/nullplatform/provider/compute/lambda/locals.tf b/modules/nullplatform/provider/compute/lambda/locals.tf deleted file mode 100644 index f315038..0000000 --- a/modules/nullplatform/provider/compute/lambda/locals.tf +++ /dev/null @@ -1,3 +0,0 @@ -locals { - dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions) -} 
diff --git a/modules/nullplatform/provider/compute/lambda/main.tf b/modules/nullplatform/provider/compute/lambda/main.tf
deleted file mode 100644
index 4872ad6..0000000
--- a/modules/nullplatform/provider/compute/lambda/main.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-resource "nullplatform_provider_config" "lambda" {
- provider = nullplatform
- nrn = var.nrn
- type = "aws-lambda-configuration"
- dimensions = local.dimensions
- attributes = jsonencode({
- setup = {
- role_arn = var.lambda_function_role_arn
- }
- })
-}
diff --git a/modules/nullplatform/provider/compute/lambda/variables.tf b/modules/nullplatform/provider/compute/lambda/variables.tf
deleted file mode 100644
index 11af5de..0000000
--- a/modules/nullplatform/provider/compute/lambda/variables.tf
+++ /dev/null
@@ -1,27 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "lambda_function_role_arn" {
- type = string
- description = "The IAM Role arn to deploy Lambda functions"
-}
-
diff --git a/modules/nullplatform/provider/container/README.md b/modules/nullplatform/provider/container/README.md
deleted file mode 100644
index 5ca9045..0000000
--- a/modules/nullplatform/provider/container/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## Requirements
-
-No requirements.
-
-## Providers
-
-No providers.
-
-## Modules
-
-No modules.
-
-## Resources
-
-No resources.
-
-## Inputs
-
-No inputs.
-
-## Outputs
-
-No outputs.
diff --git a/modules/nullplatform/provider/container/eks/.terraform.lock.hcl b/modules/nullplatform/provider/container/eks/.terraform.lock.hcl deleted file mode 100644 index 061eabe..0000000 --- a/modules/nullplatform/provider/container/eks/.terraform.lock.hcl +++ /dev/null @@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - "zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/container/eks/README.md b/modules/nullplatform/provider/container/eks/README.md deleted file mode 100644 index 23de3cb..0000000 --- a/modules/nullplatform/provider/container/eks/README.md +++ /dev/null 
@@ -1,34 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.eks](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cluster\_name](#input\_cluster\_name) | GKE Cluster name | `string` | n/a | yes | -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [namespace](#input\_namespace) | Namespace where apps will be created | `string` | `"nullplatform"` | no | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/container/eks/backend.tf b/modules/nullplatform/provider/container/eks/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/container/eks/backend.tf +++ /dev/null @@ -1,7 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} diff --git a/modules/nullplatform/provider/container/eks/locals.tf b/modules/nullplatform/provider/container/eks/locals.tf deleted file mode 100644 index f315038..0000000 --- a/modules/nullplatform/provider/container/eks/locals.tf +++ /dev/null @@ -1,3 +0,0 @@ -locals { - dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions) -} 
diff --git a/modules/nullplatform/provider/container/eks/main.tf b/modules/nullplatform/provider/container/eks/main.tf
deleted file mode 100644
index 29d417f..0000000
--- a/modules/nullplatform/provider/container/eks/main.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-resource "nullplatform_provider_config" "eks" {
- provider = nullplatform
- nrn = var.nrn
- type = "eks-configuration"
- dimensions = local.dimensions
- attributes = jsonencode({
- cluster = {
- id = var.cluster_name,
- namespace = var.namespace
- }
- })
-}
diff --git a/modules/nullplatform/provider/container/eks/variables.tf b/modules/nullplatform/provider/container/eks/variables.tf
deleted file mode 100644
index 91f3c90..0000000
--- a/modules/nullplatform/provider/container/eks/variables.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "cluster_name" {
- type = string
- description = "GKE Cluster name"
-}
-
-variable "namespace" {
- type = string
- description = "Namespace where apps will be created"
- default = "nullplatform"
-}
diff --git a/modules/nullplatform/provider/container/gke/.terraform.lock.hcl b/modules/nullplatform/provider/container/gke/.terraform.lock.hcl
deleted file mode 100644
index 061eabe..0000000
--- a/modules/nullplatform/provider/container/gke/.terraform.lock.hcl
+++ /dev/null
@@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - "zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/container/gke/README.md b/modules/nullplatform/provider/container/gke/README.md deleted file mode 100644 index df6de7c..0000000 --- a/modules/nullplatform/provider/container/gke/README.md +++ /dev/null 
@@ -1,38 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.gke](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [cluster\_name](#input\_cluster\_name) | GKE Cluster name | `string` | n/a | yes | -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [gateway\_namespace](#input\_gateway\_namespace) | Namespace where gateways will be created | `string` | `"gateways"` | no | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [location](#input\_location) | GCP location where the cluster exists | `string` | n/a | yes | -| [namespace](#input\_namespace) | Namespace where apps will be created | `string` | `"nullplatform"` | no | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [private\_gateway\_name](#input\_private\_gateway\_name) | Private gateway name | `string` | `"gateway-private"` | no | -| [public\_gateway\_name](#input\_public\_gateway\_name) | Public gateway name | `string` | `"gateway-public"` | no | - -## Outputs - -No outputs. diff --git a/modules/nullplatform/provider/container/gke/backend.tf b/modules/nullplatform/provider/container/gke/backend.tf deleted file mode 100644 index 48aab7d..0000000 --- a/modules/nullplatform/provider/container/gke/backend.tf +++ /dev/null 
@@ -1,7 +0,0 @@
-terraform {
- required_providers {
- nullplatform = {
- source = "nullplatform/nullplatform"
- }
- }
-}
diff --git a/modules/nullplatform/provider/container/gke/locals.tf b/modules/nullplatform/provider/container/gke/locals.tf
deleted file mode 100644
index f315038..0000000
--- a/modules/nullplatform/provider/container/gke/locals.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-locals {
- dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions)
-}
diff --git a/modules/nullplatform/provider/container/gke/main.tf b/modules/nullplatform/provider/container/gke/main.tf
deleted file mode 100644
index b521733..0000000
--- a/modules/nullplatform/provider/container/gke/main.tf
+++ /dev/null
@@ -1,18 +0,0 @@
-resource "nullplatform_provider_config" "gke" {
- nrn = var.nrn
- type = "gke-configuration"
- dimensions = local.dimensions
- attributes = jsonencode({
- "cluster" : {
- "id" : var.cluster_name,
- "location" : var.location,
- "namespace" : var.namespace
- "image_pull_secrets" : ["image-pull-secret-nullplatform"]
- },
- "gateway" : {
- "namespace" : var.gateway_namespace,
- "public_name" : var.public_gateway_name,
- "private_name" : var.private_gateway_name,
- }
- })
-}
diff --git a/modules/nullplatform/provider/container/gke/variables.tf b/modules/nullplatform/provider/container/gke/variables.tf
deleted file mode 100644
index 103fced..0000000
--- a/modules/nullplatform/provider/container/gke/variables.tf
+++ /dev/null
@@ -1,55 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "cluster_name" {
- type = string
- description = "GKE Cluster name"
-}
-
-variable "location" {
- type = string
- description = "GCP location where the cluster exists"
-}
-
-variable "namespace" {
- type = string
- description = "Namespace where apps will be created"
- default = "nullplatform"
-}
-
-variable "gateway_namespace" {
- description = "Namespace where gateways will be created"
- type = string
- default = "gateways"
-}
-
-variable "public_gateway_name" {
- description = "Public gateway name"
- type = string
- default = "gateway-public"
-}
-
-variable "private_gateway_name" {
- description = "Private gateway name"
- type = string
- default = "gateway-private"
-}
diff --git a/modules/nullplatform/provider/networking/vpc/.terraform.lock.hcl b/modules/nullplatform/provider/networking/vpc/.terraform.lock.hcl
deleted file mode 100644
index 061eabe..0000000
--- a/modules/nullplatform/provider/networking/vpc/.terraform.lock.hcl
+++ /dev/null
@@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.50" - hashes = [ - "h1:SpVt8qRCAbEqMZ24pSJLFuJ77cmDtbd9Twggk5IhHpo=", - "zh:13e064b2cb9810afacc1cea10119ae79d0eee2cb358073c91bcec580a6f20fa7", - "zh:2939e4c20111ed71ad0f1d3022756aeade36afeae9bfd6b8d0bc29143d428d41", - "zh:2afe3a28241f14ff502c64419225945714544e0bd8447ece85ea188230ee76f3", - "zh:4332b4e06b9be0da0669fb36f7345b19c7a858891f47398117de258b84ed67ea", - "zh:4657a3f422edc0358176a770a9fed9a464be2831260d1c572a214dcc705cf835", - "zh:5df5d97d819e068f198e580712ff351509e8fd36494642f88c8e995b9b0b6157", - "zh:95611701e2d9c1107ca3cd028355f0cdb3fd89abc794ab3b23e43adbe0709b67", - "zh:9a78a06b4221dc3ee4db54c2d2cd7dae46730f2a6356c33b4f228683c46f8074", - "zh:ac604ca7b534dd7a0700e6cacb46cc93a2b20e56f4c63cb23e1624ea90cb7602", - "zh:b485b58550b4d04e5471f056c941e1f8f0de6efac1b323d00f23cba72253572c", - "zh:c86870ee600c54edcb085cb32850db955e47bfc0daa3b068dc51590e27b73d86", - "zh:e684601ec015e7a132c607c28cd4787aab1008648eb1b4ac14552701145cc6d8", - "zh:e82423ae69f1536c70b778b1333998d8b34ffa8686e7a0b6575f0872a7c2fd4d", - "zh:eaf45f4384ca089a1886fc91c10c6f46109dba964a06d6f0a9110b6cb2abab5b", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/provider/networking/vpc/README.md b/modules/nullplatform/provider/networking/vpc/README.md deleted file mode 100644 index 3f78278..0000000 --- a/modules/nullplatform/provider/networking/vpc/README.md +++ /dev/null 
@@ -1,39 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.50 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_provider_config.network](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [dimensions](#input\_dimensions) | A map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | -| [environment](#input\_environment) | The environment dimension value to which the configuraion applies | `string` | n/a | yes | -| [include\_environment](#input\_include\_environment) | use Environment as default dimension | `bool` | `true` | no | -| [nrn](#input\_nrn) | The null platform nrn | `string` | n/a | yes | -| [private\_load\_balancer\_arn](#input\_private\_load\_balancer\_arn) | The private alb arn used for ec2 and lambda | `string` | n/a | yes | -| [private\_load\_balancer\_listener\_arn](#input\_private\_load\_balancer\_listener\_arn) | The private alb listener arn used for ec2 and lambda | `string` | n/a | yes | -| [public\_load\_balancer\_arn](#input\_public\_load\_balancer\_arn) | The private alb arn used for ec2 and lambda | `string` | n/a | yes | -| [public\_load\_balancer\_listener\_arn](#input\_public\_load\_balancer\_listener\_arn) | The private alb listener arn used for ec2 and lambda | `string` | n/a | yes | -| [security\_group\_ids](#input\_security\_group\_ids) | The sg ids used for ec2 and lambda | `list(string)` | n/a | yes | -| [subnet\_ids](#input\_subnet\_ids) | The subnet ids used for ec2 and lambda | `list(string)` | n/a | yes | -| [vpc\_id](#input\_vpc\_id) | The VPC id used for ec2 and lambda | `string` | n/a | yes | - -## Outputs - -No outputs. 
diff --git a/modules/nullplatform/provider/networking/vpc/backend.tf b/modules/nullplatform/provider/networking/vpc/backend.tf
deleted file mode 100644
index 48aab7d..0000000
--- a/modules/nullplatform/provider/networking/vpc/backend.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-terraform {
- required_providers {
- nullplatform = {
- source = "nullplatform/nullplatform"
- }
- }
-}
diff --git a/modules/nullplatform/provider/networking/vpc/locals.tf b/modules/nullplatform/provider/networking/vpc/locals.tf
deleted file mode 100644
index f315038..0000000
--- a/modules/nullplatform/provider/networking/vpc/locals.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-locals {
- dimensions = merge(var.include_environment ? { environment = var.environment } : {}, var.dimensions)
-}
diff --git a/modules/nullplatform/provider/networking/vpc/main.tf b/modules/nullplatform/provider/networking/vpc/main.tf
deleted file mode 100644
index f4172c0..0000000
--- a/modules/nullplatform/provider/networking/vpc/main.tf
+++ /dev/null
@@ -1,23 +0,0 @@
-resource "nullplatform_provider_config" "network" {
- provider = nullplatform
- nrn = var.nrn
- type = "aws-networking-configuration"
- dimensions = local.dimensions
- attributes = jsonencode({
- "vpc" : {
- "id" : var.vpc_id,
- "subnets" : var.subnet_ids,
- "security_groups" : var.security_group_ids
- },
- "load_balancer" : {
- "private" : {
- "arn" : var.private_load_balancer_arn,
- "listener_arn" : var.private_load_balancer_listener_arn
- },
- "public" : {
- "arn" : var.public_load_balancer_arn,
- "listener_arn" : var.public_load_balancer_listener_arn
- }
- }
- })
-}
diff --git a/modules/nullplatform/provider/networking/vpc/variables.tf b/modules/nullplatform/provider/networking/vpc/variables.tf
deleted file mode 100644
index 516391e..0000000
--- a/modules/nullplatform/provider/networking/vpc/variables.tf
+++ /dev/null
@@ -1,56 +0,0 @@
-variable "nrn" {
- type = string
- description = "The null platform nrn"
-}
-
-variable "environment" {
- type = string
- description = "The environment dimension value to which the configuraion applies"
-}
-
-variable "dimensions" {
- type = map(string)
- description = "A map of dimension values to configure Nullplatform"
- default = {}
-}
-
-variable "include_environment" {
- type = bool
- description = "use Environment as default dimension"
- default = true
-}
-
-variable "vpc_id" {
- type = string
- description = "The VPC id used for ec2 and lambda"
-}
-
-variable "subnet_ids" {
- type = list(string)
- description = "The subnet ids used for ec2 and lambda"
-}
-
-variable "security_group_ids" {
- type = list(string)
- description = "The sg ids used for ec2 and lambda"
-}
-
-variable "private_load_balancer_arn" {
- type = string
- description = "The private alb arn used for ec2 and lambda"
-}
-
-variable "private_load_balancer_listener_arn" {
- type = string
- description = "The private alb listener arn used for ec2 and lambda"
-}
-
-variable "public_load_balancer_arn" {
- type = string
- description = "The private alb arn used for ec2 and lambda"
-}
-
-variable "public_load_balancer_listener_arn" {
- type = string
- description = "The private alb listener arn used for ec2 and lambda"
-}
diff --git a/modules/nullplatform/scope-definition/README.md b/modules/nullplatform/scope-definition/README.md
deleted file mode 100644
index 56e2d6c..0000000
--- a/modules/nullplatform/scope-definition/README.md
+++ /dev/null
@@ -1,64 +0,0 @@ -## [ALPHA] Scope-Definition module - -## How to use it - -```hcl -module "" { - source = "git@github.com:nullplatform/main-terraform-modules.git//modules/nullplatform/scope-definition" - - nrn = "" - np_api_key = "" - github_repo_url = "https://github.com/nullplatform/scopes" - github_ref = "main" - github_scope_path = "k8s" - scope_name = "K8S Webserver" - scope_description = "Webserver running in a Kubernetes cluster" -} -``` - -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [http](#provider\_http) | n/a | -| [nullplatform](#provider\_nullplatform) | n/a | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_action_specification.from_templates](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/action_specification) | resource | -| [nullplatform_scope_type.from_template](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/scope_type) | resource | -| [nullplatform_service_specification.from_template](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/service_specification) | resource | -| [http_http.action_templates](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | -| [http_http.service_spec_template](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [action\_spec\_names](#input\_action\_spec\_names) | List of action specification template names to fetch and create | `list(string)` |
[
"create-scope",
"delete-scope",
"start-initial",
"start-blue-green",
"finalize-blue-green",
"rollback-deployment",
"delete-deployment",
"switch-traffic",
"set-desired-instance-count",
"pause-autoscaling",
"resume-autoscaling",
"restart-pods",
"kill-instances"
]
| no | -| [github\_ref](#input\_github\_ref) | Git reference (branch, tag, or commit) | `string` | `"main"` | no | -| [github\_repo\_url](#input\_github\_repo\_url) | GitHub repository URL containing templates | `string` | `"https://github.com/nullplatform/scopes"` | no | -| [github\_scope\_path](#input\_github\_scope\_path) | Path within the repository for the specific scope (e.g., k8s, ecs) | `string` | `"k8s"` | no | -| [np\_api\_key](#input\_np\_api\_key) | Nullplatform API key for authentication | `string` | n/a | yes | -| [nrn](#input\_nrn) | Nullplatform Resource Name (organization:account format) | `string` | n/a | yes | -| [scope\_description](#input\_scope\_description) | Description of the scope type to be created | `string` | n/a | yes | -| [scope\_name](#input\_scope\_name) | Name of the scope type to be created | `string` | n/a | yes | - -## Outputs - -| Name | Description | -|------|-------------| -| [action\_specification\_ids](#output\_action\_specification\_ids) | Map of action specification names to their IDs | -| [scope\_type\_id](#output\_scope\_type\_id) | The ID of the created scope type | -| [service\_specification\_id](#output\_service\_specification\_id) | The ID of the created service specification | -| [service\_specification\_slug](#output\_service\_specification\_slug) | The slug of the created service specification | \ No newline at end of file diff --git a/modules/nullplatform/scope-definition/backend.tf b/modules/nullplatform/scope-definition/backend.tf deleted file mode 100644 index 8fda109..0000000 --- a/modules/nullplatform/scope-definition/backend.tf +++ /dev/null @@ -1,16 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - http = { - source = "hashicorp/http" - } - external = { - source = "hashicorp/external" - } - null = { - source = "hashicorp/null" - } - } -} 
diff --git a/modules/nullplatform/scope-definition/main.tf b/modules/nullplatform/scope-definition/main.tf deleted file mode 100644 index 1d9dac8..0000000 --- a/modules/nullplatform/scope-definition/main.tf +++ /dev/null 
@@ -1,103 +0,0 @@ -################################################################################ -# Step 1: Fetch Templates -################################################################################ - -# Fetch service specification template -data "http" "service_spec_template" { - url = "${var.github_repo_url}/raw/${var.github_ref}/${var.github_scope_path}/specs/service-spec.json.tpl" -} - -# Fetch action specification templates -data "http" "action_templates" { - for_each = toset(var.action_spec_names) - url = "${var.github_repo_url}/raw/${var.github_ref}/${var.github_scope_path}/specs/actions/${each.key}.json.tpl" -} - -################################################################################ -# Step 2: Process and Create Service Specification -################################################################################ - -locals { - # Process the template by replacing the template variables - # replace is done because some old templates contain gomplate placeholders - service_spec_rendered = replace( - data.http.service_spec_template.response_body, - "/\"{{\\s+env.Getenv\\s+\".*\"\\s+}}\"/", - "\"${var.nrn}\"" - ) - service_spec_parsed = jsondecode(local.service_spec_rendered) -} - -# Create service specification -resource "nullplatform_service_specification" "from_template" { - name = local.service_spec_parsed.name - visible_to = [var.nrn] - type = local.service_spec_parsed.type - attributes = jsonencode(local.service_spec_parsed.attributes) - use_default_actions = local.service_spec_parsed.use_default_actions - - selectors { - category = local.service_spec_parsed.selectors.category - imported = local.service_spec_parsed.selectors.imported - provider = local.service_spec_parsed.selectors.provider - sub_category = local.service_spec_parsed.selectors.sub_category - } -} - -locals { - # Variables that depend on created service specification - service_specification_id = nullplatform_service_specification.from_template.id - service_slug = 
nullplatform_service_specification.from_template.slug - - dependent_env_vars = { - NRN = var.nrn - SERVICE_SPECIFICATION_ID = local.service_specification_id - SERVICE_SLUG = local.service_slug - } -} - -################################################################################ -# Step 3: Process and Create Scope Type -################################################################################ - - - -# Create scope type -resource "nullplatform_scope_type" "from_template" { - depends_on = [nullplatform_service_specification.from_template] - - nrn = var.nrn - name = var.scope_name - description = var.scope_description - provider_id = local.service_specification_id -} - -################################################################################ -# Step 4: Create Action Specifications -################################################################################ - -# Process action templates - direct JSON parsing (they don't contain template variables) -# replace is done because some old templates contain gomplate placeholders -locals { - action_specs_parsed = { - for name in var.action_spec_names : - name => jsondecode(replace( - data.http.action_templates[name].response_body, - "/\"{{\\s+env.Getenv\\s+\".*\"\\s+}}\"/", - "\"\"" - )) - } -} - -# Create action specifications -resource "nullplatform_action_specification" "from_templates" { - for_each = toset(var.action_spec_names) - depends_on = [nullplatform_service_specification.from_template] - - service_specification_id = local.service_specification_id - name = local.action_specs_parsed[each.key].name - type = local.action_specs_parsed[each.key].type - parameters = jsonencode(local.action_specs_parsed[each.key].parameters) - results = jsonencode(local.action_specs_parsed[each.key].results) - retryable = try(local.action_specs_parsed[each.key].retryable, false) -} 
diff --git a/modules/nullplatform/scope-definition/outputs.tf b/modules/nullplatform/scope-definition/outputs.tf
deleted file mode 100644
index d6bc51c..0000000
--- a/modules/nullplatform/scope-definition/outputs.tf
+++ /dev/null
@@ -1,52 +0,0 @@
-################################################################################
-# Scope Definition Module Outputs
-################################################################################
-
-output "service_specification_id" {
- value = nullplatform_service_specification.from_template.id
- description = "The ID of the created service specification"
-}
-
-output "service_specification_slug" {
- value = nullplatform_service_specification.from_template.slug
- description = "The slug of the created service specification"
-}
-
-output "scope_type_id" {
- value = nullplatform_scope_type.from_template.id
- description = "The ID of the created scope type"
-}
-
-output "action_specification_ids" {
- value = {
- for k, v in nullplatform_action_specification.from_templates : k => v.id
- }
- description = "Map of action specification names to their IDs"
-}
-
-output "nrn" {
- value = var.nrn
- description = "The NRN of the created service specification"
-}
-output "github_repo_url" {
- value = var.github_repo_url
- description = "The GitHub repository URL associated with the service specification"
-}
-output "github_ref" {
- value = var.github_ref
- description = "The GitHub branch associated with the service specification"
-}
-output "github_scope_path" {
- value = var.github_scope_path
- description = "The GitHub path associated with the service specification"
-}
-
-output "scope_name" {
- value = var.scope_name
- description = "The name of the scope definition"
-}
-
-output "scope_description" {
- value = var.scope_description
- description = "The name of the scope definition"
-}
\ No newline at end of file
diff --git a/modules/nullplatform/scope-definition/variables.tf b/modules/nullplatform/scope-definition/variables.tf
deleted file mode 100644
index 062dcaa..0000000
--- a/modules/nullplatform/scope-definition/variables.tf
+++ /dev/null
@@ -1,63 +0,0 @@
-################################################################################
-# Scope Definition Module Variables
-################################################################################
-
-variable "nrn" {
- type = string
- description = "Nullplatform Resource Name (organization:account format)"
-}
-
-variable "github_repo_url" {
- type = string
- default = "https://github.com/nullplatform/scopes"
- description = "GitHub repository URL containing templates"
-}
-
-variable "github_ref" {
- type = string
- default = "main"
- description = "Git reference (branch, tag, or commit)"
-}
-
-variable "github_scope_path" {
- type = string
- default = "k8s"
- description = "Path within the repository for the specific scope (e.g., k8s, ecs)"
-}
-
-variable "scope_name" {
- type = string
- description = "Name of the scope type to be created"
-}
-variable "scope_description" {
- type = string
- description = "Description of the scope type to be created"
-}
-
-variable "action_spec_names" {
- type = list(string)
- default = [
- "create-scope",
- "delete-scope",
- "start-initial",
- "start-blue-green",
- "finalize-blue-green",
- "rollback-deployment",
- "delete-deployment",
- "switch-traffic",
- "set-desired-instance-count",
- "pause-autoscaling",
- "resume-autoscaling",
- "restart-pods",
- "kill-instances"
- ]
- description = "List of action specification template names to fetch and create"
-}
-
-# NRN Patch Configuration
-variable "np_api_key" {
- type = string
- sensitive = true
- description = "Nullplatform API key for authentication"
-}
-
diff --git a/modules/nullplatform/service/.terraform.lock.hcl b/modules/nullplatform/service/.terraform.lock.hcl
deleted file mode 100644
index e5bfb4a..0000000
--- a/modules/nullplatform/service/.terraform.lock.hcl +++ /dev/null @@ -1,24 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/nullplatform/nullplatform" { - version = "0.0.57" - hashes = [ - "h1:c0qU+V7JeCZVMj8VwZLhx23LkHgNXIG3QgKdrQ6Y39c=", - "zh:06ad980f549118b21b2423960564dd7bdbe8302c442cba4d982a36abab0430c9", - "zh:07f37b0ce6e28f938e02f24d538e9d1c6b473a8056f7e079ecf3a6038936077c", - "zh:13cbc02c3e14b5ba76f74c653b8b23dca173542a239ecdb67ac14abd0917105a", - "zh:279c225e5ae218168f66fffebcddb14c5e781d74c58a8bbcffe42343cdc362e9", - "zh:34a282e4ba66ac5a25fb4546453695f4e6f581a1fc98a46eb1c56ec670a5468e", - "zh:4df7fe2d937b9fa91d219b7eee9ad58dc4dc857002109da7e93d3c8a8f1af683", - "zh:605e3e0308e16c0c80abaa86a96c7fb8a4449338c1ffa8d30975ec87b2fae4f1", - "zh:7215c72a73462636e7d60d0bd901ca2fb918b1cc76a575c6de4a365530de0f01", - "zh:79804e1ca5795e52250389df4c727099566e68b7f268f6064fc5f8ede7754e25", - "zh:7bcc2cf87c755bc8cd04b7bd85d708b6f97fc5a61daea2ff396d0630b2439ba4", - "zh:8f3bbaa006a0a8a1e87df89b49a635afc1f5cd9cc36dd3bb62451140e173b2fc", - "zh:abb8663efd33a2e46dce42cbc2d8e2f1fba712002775d41e892618521a0193ae", - "zh:c5bb79b935c64873c265fb755813b26e96ea85d417728b2464b6ab0c491bffc2", - "zh:d6b7babf81de6fbffa46f1453601fbbd7a58eb976355d08788b4b049f32ff271", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/modules/nullplatform/service/README.md b/modules/nullplatform/service/README.md deleted file mode 100644 index 73a23d8..0000000 --- a/modules/nullplatform/service/README.md +++ /dev/null 
@@ -1,50 +0,0 @@ -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [nullplatform](#provider\_nullplatform) | 0.0.57 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [nullplatform_action_specification.basic_actions](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/action_specification) | resource | -| [nullplatform_link_specification.link_specification](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/link_specification) | resource | -| [nullplatform_notification_channel.github](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/notification_channel) | resource | -| [nullplatform_notification_channel.webhook](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/notification_channel) | resource | -| [nullplatform_service_specification.service_specification](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/service_specification) | resource | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [assignable\_to](#input\_assignable\_to) | service assignable to. Options: any, dimension, scope | `string` | `"any"` | no | -| [attributes](#input\_attributes) | service attributes json schema | `any` | n/a | yes | -| [basic\_actions](#input\_basic\_actions) | Action schemas definitions | `map(string)` | `{}` | no | -| [dimensions](#input\_dimensions) | service dimensions | `map(any)` | n/a | yes | -| [filters](#input\_filters) | Additional filters to add to the service notification channels | `any` | n/a | yes | -| [link\_assignable\_to](#input\_link\_assignable\_to) | link assignable to. 
Options: any, dimension, scope | `string` | `"any"` | no | -| [link\_attributes](#input\_link\_attributes) | link attributes json schema | `any` | n/a | yes | -| [link\_dimensions](#input\_link\_dimensions) | link dimensions | `map(any)` | n/a | yes | -| [link\_name](#input\_link\_name) | link name | `string` | n/a | yes | -| [link\_unique](#input\_link\_unique) | link is unique | `bool` | `false` | no | -| [name](#input\_name) | service name | `string` | n/a | yes | -| [notify\_channels](#input\_notify\_channels) | Notification channels configuration |
object({
github = object({
enabled = bool
account = string
reference = string
repository = string
workflow_id = string
installation_id = string
}),
webhook = object({
enabled = bool
url = string
headers = map(string)
}),
})
|
{
"github": {
"account": "",
"enabled": false,
"installation_id": "",
"reference": "",
"repository": "",
"workflow_id": ""
},
"webhook": {
"enabled": false,
"headers": {},
"url": ""
}
}
| no | -| [selectors](#input\_selectors) | Service selectors configuration | `map(string)` | n/a | yes | -| [type](#input\_type) | service type | `string` | `"dependency"` | no | -| [visible\_to](#input\_visible\_to) | Visibility of the service specification | `list(string)` |
[
"organization=1:account=*"
]
| no | - -## Outputs - -| Name | Description | -|------|-------------| -| [link\_specification\_id](#output\_link\_specification\_id) | value of the link specification id | -| [service\_specification\_id](#output\_service\_specification\_id) | value of the service specification id | diff --git a/modules/nullplatform/service/actions_specification.tf b/modules/nullplatform/service/actions_specification.tf deleted file mode 100644 index 63e898a..0000000 --- a/modules/nullplatform/service/actions_specification.tf +++ /dev/null @@ -1,12 +0,0 @@ -resource "nullplatform_action_specification" "basic_actions" { - for_each = var.basic_actions - - name = each.value.name - type = each.key - service_specification_id = nullplatform_service_specification.service_specification.id - retryable = each.value.retryable - - parameters = jsonencode(each.value.parameters) - results = jsonencode(each.value.results) -} - diff --git a/modules/nullplatform/service/link_spec.tf b/modules/nullplatform/service/link_spec.tf deleted file mode 100644 index cf61a97..0000000 --- a/modules/nullplatform/service/link_spec.tf +++ /dev/null @@ -1,19 +0,0 @@ -resource "nullplatform_link_specification" "link_specification" { - name = var.link_name - assignable_to = var.link_assignable_to - specification_id = nullplatform_service_specification.service_specification.id - unique = var.link_unique - visible_to = var.visible_to - - dimensions = jsonencode(var.link_dimensions) - attributes = jsonencode(var.link_attributes) - - use_default_actions = length(keys(var.basic_actions)) == 0 - - selectors { - category = var.selectors.category - imported = var.selectors.imported - provider = var.selectors.provider - sub_category = var.selectors.sub_category - } -} diff --git a/modules/nullplatform/service/locals.tf b/modules/nullplatform/service/locals.tf deleted file mode 100644 index 799b3a2..0000000 --- a/modules/nullplatform/service/locals.tf +++ /dev/null 
@@ -1,3 +0,0 @@ -locals { - filters = jsonencode(merge({ "service.specification.id" : nullplatform_service_specification.service_specification.id }, var.filters)) -} diff --git a/modules/nullplatform/service/notifications.tf b/modules/nullplatform/service/notifications.tf deleted file mode 100644 index 0861511..0000000 --- a/modules/nullplatform/service/notifications.tf +++ /dev/null @@ -1,32 +0,0 @@ -resource "nullplatform_notification_channel" "github" { - for_each = var.notify_channels.github.enabled ? toset(var.visible_to) : toset([]) - nrn = each.key - type = "github" - source = ["service"] - filters = local.filters - - configuration { - github { - account = var.notify_channels.github.account - reference = var.notify_channels.github.reference - repository = var.notify_channels.github.repository - workflow_id = var.notify_channels.github.workflow_id - installation_id = var.notify_channels.github.installation_id - } - } -} - -resource "nullplatform_notification_channel" "webhook" { - for_each = var.notify_channels.webhook.enabled ? toset(var.visible_to) : toset([]) - nrn = each.key - type = "http" - source = ["service"] - filters = local.filters - - configuration { - http { - url = var.notify_channels.webhook.url - headers = var.notify_channels.webhook.headers - } - } -} diff --git a/modules/nullplatform/service/outputs.tf b/modules/nullplatform/service/outputs.tf deleted file mode 100644 index 6be919c..0000000 --- a/modules/nullplatform/service/outputs.tf +++ /dev/null @@ -1,9 +0,0 @@ -output "service_specification_id" { - description = "value of the service specification id" - value = nullplatform_service_specification.service_specification.id -} - -output "link_specification_id" { - description = "value of the link specification id" - value = nullplatform_link_specification.link_specification.id -} diff --git a/modules/nullplatform/service/provider.tf b/modules/nullplatform/service/provider.tf deleted file mode 100644 index 8fc65ac..0000000 
--- a/modules/nullplatform/service/provider.tf +++ /dev/null @@ -1,9 +0,0 @@ -terraform { - required_providers { - nullplatform = { - source = "nullplatform/nullplatform" - } - } -} -provider "nullplatform" { -} diff --git a/modules/nullplatform/service/service_specification.tf b/modules/nullplatform/service/service_specification.tf deleted file mode 100644 index f8eaab1..0000000 --- a/modules/nullplatform/service/service_specification.tf +++ /dev/null @@ -1,21 +0,0 @@ -# Resource: Service Specification -resource "nullplatform_service_specification" "service_specification" { - name = var.name - type = var.type - assignable_to = var.assignable_to - - visible_to = var.visible_to - - dimensions = jsonencode(var.dimensions) - - attributes = jsonencode(var.attributes) - - use_default_actions = length(keys(var.basic_actions)) == 0 - - selectors { - category = var.selectors.category - imported = var.selectors.imported - provider = var.selectors.provider - sub_category = var.selectors.sub_category - } -} diff --git a/modules/nullplatform/service/variables.tf b/modules/nullplatform/service/variables.tf deleted file mode 100644 index c5e58f6..0000000 --- a/modules/nullplatform/service/variables.tf +++ /dev/null 
@@ -1,110 +0,0 @@ -variable "name" { - description = "service name" - type = string -} - -variable "type" { - description = "service type" - type = string - default = "dependency" -} - -variable "assignable_to" { - description = "service assignable to. Options: any, dimension, scope" - type = string - default = "any" -} - -variable "visible_to" { - description = "Visibility of the service specification" - type = list(string) - default = [ - "organization=1:account=*", - ] -} - -variable "dimensions" { - description = "service dimensions" - type = map(any) -} - -variable "attributes" { - description = "service attributes json schema" - type = any -} - -variable "selectors" { - description = "Service selectors configuration" - type = map(string) -} - -variable "basic_actions" { - description = "Action schemas definitions" - default = {} -} - -variable "link_assignable_to" { - description = "link assignable to. Options: any, dimension, scope" - type = string - default = "any" -} - - -variable "link_name" { - description = "link name" - type = string -} - -variable "link_dimensions" { - description = "link dimensions" - type = map(any) -} - -variable "link_attributes" { - description = "link attributes json schema" - type = any -} - -variable "link_unique" { - description = "link is unique" - type = bool - default = false -} - -variable "filters" { - description = "Additional filters to add to the service notification channels" -} - -variable "notify_channels" { - description = "Notification channels configuration" - type = object({ - github = object({ - enabled = bool - account = string - reference = string - repository = string - workflow_id = string - installation_id = string - }), - webhook = object({ - enabled = bool - url = string - headers = map(string) - }), - }) - default = { - github = { - enabled = false - account = "" - reference = "" - repository = "" - workflow_id = "" - installation_id = "" - }, - webhook = { - enabled = false - url = "" - headers = {} - 
}, - } -} diff --git a/nullplatform/aws/agent/auth.tf b/nullplatform/aws/agent/auth.tf new file mode 100644 index 0000000..c3a57db --- /dev/null +++ b/nullplatform/aws/agent/auth.tf @@ -0,0 +1,29 @@ +resource "nullplatform_api_key" "nullplatform-agent-api-key" { + name = "NULLPLATFORM-AGENT-API-KEY" + + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "controlplane:agent" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "developer" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "ops" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "secops" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "secrets-reader" + } + + tags { + key = "managed-by" + value = "IaC" + } +} \ No newline at end of file diff --git a/nullplatform/aws/agent/channel.tf b/nullplatform/aws/agent/channel.tf new file mode 100644 index 0000000..0b1fa66 --- /dev/null +++ b/nullplatform/aws/agent/channel.tf 
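Review bot: The `replace(var.nrn, ":namespace=.*$", "")` calls in the five `grants` blocks match the second argument as a literal substring, because Terraform's `replace` only uses regex matching when the pattern is wrapped in forward slashes. As written, an NRN that carries a `:namespace=...` suffix passes through unchanged, so the key is granted at a different level than the expression suggests. Use `replace(var.nrn, "/:namespace=.*$/", "")`, ideally computed once in a `local` and reused by all five grants. The same expression appears in `nullplatform/aws/base/auth.tf`. It is also worth confirming that a single key needs `developer`, `ops`, `secops` and `secrets-reader` together with `controlplane:agent`.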
@@ -0,0 +1,63 @@ +################################################################################ +# Step 1: Fetch Notification Channel Template +################################################################################ + +data "http" "notification_channel_template" { + url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/notification-channel.json.tpl" +} + +############################################################################### +#Step 2: Process and Create Notification Channel +############################################################################### + +#Process notification channel template +data "external" "notification_channel" { + program = ["sh", "-c", <<-EOT + processed_json=$(echo '${data.http.notification_channel_template.response_body}' | \ + NRN='${var.nrn}' \ + NP_API_KEY='${nullplatform_api_key.nullplatform-agent-api-key.api_key}' \ + REPO_PATH='${var.repo_path}' \ + SERVICE_PATH='${var.service_path}' \ + ENVIRONMENT='${var.environment_tag}' \ + SERVICE_SLUG='${nullplatform_service_specification.from_template.slug}' \ + SERVICE_SPECIFICATION_ID='${nullplatform_service_specification.from_template.id}' \ + gomplate) + echo "{\"json\":\"$(echo "$processed_json" | sed 's/"/\\"/g' | tr -d '\n')\"}" + EOT + ] +} + +locals { + notification_channel_def = jsondecode(data.external.notification_channel.result.json) +} + +# Create notification channel +resource "nullplatform_notification_channel" "from_template" { + nrn = var.nrn + type = local.notification_channel_def.type + source = local.notification_channel_def.source + + configuration { + dynamic "agent" { + for_each = local.notification_channel_def.type == "agent" ? [local.notification_channel_def.configuration] : [] + content { + api_key = agent.value.api_key + command { + type = agent.value.command.type + data = { + for k, v in agent.value.command.data : k => ( + k == "environment" ? 
jsonencode({ + NP_ACTION_CONTEXT = "'$${NOTIFICATION_CONTEXT}'" + }) : ( + can(tostring(v)) ? tostring(v) : jsonencode(v) + ) + ) + } + } + selector = agent.value.selector + } + } + } + + filters = can(local.notification_channel_def.filters) ? jsonencode(local.notification_channel_def.filters) : null +} \ No newline at end of file diff --git a/nullplatform/aws/agent/iam.tf b/nullplatform/aws/agent/iam.tf new file mode 100644 index 0000000..864dce8 --- /dev/null +++ b/nullplatform/aws/agent/iam.tf 
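Review bot: The `data "external" "notification_channel"` program splices `data.http.notification_channel_template.response_body` and the generated API key into single-quoted words of an `sh -c` script, so a single quote anywhere in the fetched template or in an interpolated variable ends the quoting and the rest is interpreted by the shell on the machine running Terraform. The key also becomes part of the command text. The `external` data source passes its `query` map to the program as JSON on stdin, e.g. `query = { template = data.http.notification_channel_template.response_body, nrn = var.nrn }`, which keeps these values out of the script. The output is better produced by a JSON encoder than by `sed 's/"/\\"/g'`, which leaves backslashes and control characters unescaped. The three `data "external"` blocks in `scopes.tf` follow the same pattern.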
@@ -0,0 +1,136 @@ +module "nullplatform-agent-role" { + source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts" + name = "nullplatform-agent-role" + use_name_prefix = false + + oidc_providers = { + main = { + provider_arn = var.aws_iam_openid_connect_provider_arn + namespace_service_accounts = ["nullplatform-tools:nullplatform-agent"] + } + } + + policies = { + "nullplatform-route53-policy" = aws_iam_policy.nullplatform-route53-policy.arn, + "nullplatform-eks-policy" = aws_iam_policy.nullplatform-eks-policy.arn, + "nullplatform-elb-policy" = aws_iam_policy.nullplatform-elb-policy.arn + } +} + +resource "aws_iam_policy" "nullplatform-route53-policy" { + name = "nullplatform-route53-policy" + description = "Policy for managing Route53 DNS records" + policy = jsonencode({ + "Version" : "2012-10-17", + "Statement" : [ + { + "Effect" : "Allow", + "Action" : [ + "route53:ChangeResourceRecordSets", + "route53:ListResourceRecordSets", + "route53:GetHostedZone", + "route53:ListHostedZones", + "route53:ListHostedZonesByName" + ], + "Resource" : [ + "arn:aws:route53:::hostedzone/*" + ], + "Condition" : { + "StringEquals" : { + "aws:RequestedRegion" : [ + "us-east-1", + "us-west-2", + "eu-west-1" + ] + } + } + } + ] + }) +} + +resource "aws_iam_policy" "nullplatform-elb-policy" { + name = "nullplatform-elb-policy" + description = "Policy for managing Elastic Load Balancer" + policy = jsonencode( + { + "Version" : "2012-10-17", + "Statement" : [ + { + "Effect" : "Allow", + "Action" : [ + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeTargetGroups" + ], + "Resource" : "*", + "Condition" : { + "StringEquals" : { + "aws:RequestedRegion" : [ + "us-east-1", + "us-west-2", + "eu-west-1" + ] + } + } + }, + { + "Effect" : "Allow", + "Action" : [ + "elasticloadbalancing:DescribeTargetHealth", + "elasticloadbalancing:DescribeListeners", + "elasticloadbalancing:DescribeRules" + ], + "Resource" : [ + 
"arn:aws:elasticloadbalancing:*:*:loadbalancer/app/k8s-nullplatform-*", + "arn:aws:elasticloadbalancing:*:*:targetgroup/k8s-nullplatform-*" + ], + "Condition" : { + "StringEquals" : { + "aws:RequestedRegion" : [ + "us-east-1", + "us-west-2", + "eu-west-1" + ] + } + } + } + ] + } + ) +} + +resource "aws_iam_policy" "nullplatform-eks-policy" { + name = "nullplatform-eks-policy" + description = "Policy for managing EKS clusters" + policy = jsonencode({ + "Version" : "2012-10-17", + "Statement" : [ + { + "Effect" : "Allow", + "Action" : [ + "eks:DescribeCluster", + "eks:ListClusters", + "eks:DescribeNodegroup", + "eks:ListNodegroups", + "eks:DescribeAddon", + "eks:ListAddons" + ], + "Resource" : [ + "arn:aws:eks:*:*:cluster/*", + "arn:aws:eks:*:*:nodegroup/*", + "arn:aws:eks:*:*:addon/*" + ], + "Condition" : { + "StringEquals" : { + "aws:RequestedRegion" : [ + "us-east-1", + "us-west-2", + "eu-west-1" + ] + } + } + } + ] + + }) +} diff --git a/nullplatform/aws/agent/locals.tf b/nullplatform/aws/agent/locals.tf new file mode 100644 index 0000000..5039b07 --- /dev/null +++ b/nullplatform/aws/agent/locals.tf @@ -0,0 +1,15 @@ +locals { + scope_list = compact([trimspace(coalesce(var.agent_repos_scope, ""))]) + repos_extra = compact([for s in split(",", try(coalesce(var.agent_repos_extra, ""), "")) : trimspace(s)]) + final_list = distinct(concat(local.scope_list, local.repos_extra)) + + nullplatform_agent_values = templatefile("${path.module}/templates/nullplatform-agent-values.tmpl.yaml", { + agent_repos = join(",", local.final_list) + cluster_name = var.cluster_name + tags = var.tags + init_scripts = var.init_scripts + resource_identity = module.nullplatform-agent-role.arn + api_key = nullplatform_api_key.nullplatform-agent-api-key.api_key + namespace = var.namespace + }) +} \ No newline at end of file diff --git a/nullplatform/aws/agent/main.tf b/nullplatform/aws/agent/main.tf new file mode 100644 index 0000000..0d39a5e --- /dev/null +++ b/nullplatform/aws/agent/main.tf 
@@ -0,0 +1,24 @@
+resource "helm_release" "agent" {
+ name = "nullplatform-agent"
+ chart = "nullplatform-agent"
+ repository = "https://nullplatform.github.io/helm-charts"
+ namespace = var.namespace
+ version = var.nullplatform-agent-helm-version
+ create_namespace = true
+
+ disable_webhooks = true
+ force_update = true
+ wait = true
+ wait_for_jobs = true
+ timeout = 600
+ atomic = true
+ cleanup_on_fail = true
+ replace = false
+ recreate_pods = false
+ reset_values = false
+ reuse_values = false
+ dependency_update = true
+ max_history = 10
+
+ values = [local.nullplatform_agent_values]
+}
\ No newline at end of file
diff --git a/nullplatform/aws/agent/providers.tf b/nullplatform/aws/agent/providers.tf
new file mode 100644
index 0000000..06f29fe
--- /dev/null
+++ b/nullplatform/aws/agent/providers.tf
@@ -0,0 +1,20 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 6.0"
+ }
+ helm = {
+ source = "hashicorp/helm"
+ version = "~> 3.0"
+ }
+ }
+}
+
+provider "nullplatform" {
+ api_key = var.np_api_key
+}
\ No newline at end of file
diff --git a/nullplatform/aws/agent/scopes.tf b/nullplatform/aws/agent/scopes.tf
new file mode 100644
index 0000000..8c0e851
--- /dev/null
+++ b/nullplatform/aws/agent/scopes.tf
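Review bot: `provider "nullplatform" { api_key = var.np_api_key }` in `providers.tf` configures the provider inside what looks like a reusable module directory; Terraform's guidance is to keep `provider` blocks in the root configuration, because a module that carries its own provider configuration cannot be called with `count`, `for_each` or `depends_on`. `nullplatform/aws/base/providers.tf` declares only `required_providers`, so the two directories are also inconsistent. If this directory is meant to be called as a module, drop the block and let the caller pass in the configured provider.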
@@ -0,0 +1,175 @@ +################################################################################ +# Step 1: Fetch Templates +################################################################################ + +# Fetch service specification template +data "http" "service_spec_template" { + url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/service-spec.json.tpl" +} + +# Fetch scope type template +data "http" "scope_type_template" { + url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/scope-type-definition.json.tpl" +} + +# Fetch action specification templates +data "http" "action_templates" { + for_each = toset(var.action_spec_names) + url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/actions/${each.key}.json.tpl" +} + +################################################################################ +# Step 2: Process and Create Service Specification +################################################################################ + +# Process service spec template +data "external" "service_spec" { + program = ["sh", "-c", <<-EOT + processed_json=$(echo '${data.http.service_spec_template.response_body}' | NRN='${var.nrn}' gomplate) + echo "{\"json\":\"$(echo "$processed_json" | sed 's/"/\\"/g' | tr -d '\n')\"}" + EOT + ] +} + +locals { + service_spec_parsed = jsondecode(data.external.service_spec.result.json) +} + +# Create service specification +resource "nullplatform_service_specification" "from_template" { + name = local.service_spec_parsed.name + visible_to = local.service_spec_parsed.visible_to + assignable_to = local.service_spec_parsed.assignable_to + type = local.service_spec_parsed.type + attributes = jsonencode(local.service_spec_parsed.attributes) + use_default_actions = local.service_spec_parsed.use_default_actions + + selectors { + category = local.service_spec_parsed.selectors.category + imported = local.service_spec_parsed.selectors.imported + provider = 
local.service_spec_parsed.selectors.provider + sub_category = local.service_spec_parsed.selectors.sub_category + } + + lifecycle { + ignore_changes = [attributes] + } +} + +locals { + # Variables that depend on created service specification + service_specification_id = nullplatform_service_specification.from_template.id + service_slug = nullplatform_service_specification.from_template.slug + + dependent_env_vars = { + NRN = var.nrn + SERVICE_SPECIFICATION_ID = local.service_specification_id + SERVICE_SLUG = local.service_slug + SERVICE_PATH = var.service_path + REPO_PATH = var.repo_path + } +} + +################################################################################ +# Step 3: Process and Create Scope Type +################################################################################ + +# Process scope type template +data "external" "scope_type" { + depends_on = [nullplatform_service_specification.from_template] + + program = ["sh", "-c", <<-EOT + processed_json=$(echo '${data.http.scope_type_template.response_body}' | \ + NRN='${local.dependent_env_vars.NRN}' \ + SERVICE_SPECIFICATION_ID='${local.dependent_env_vars.SERVICE_SPECIFICATION_ID}' \ + gomplate) + echo "{\"json\":\"$(echo "$processed_json" | sed 's/"/\\"/g' | tr -d '\n')\"}" + EOT + ] +} + +locals { + scope_type_def = jsondecode(data.external.scope_type.result.json) +} + +# Create scope type +resource "nullplatform_scope_type" "from_template" { + depends_on = [nullplatform_service_specification.from_template] + + nrn = var.nrn + name = local.scope_type_def.name + description = local.scope_type_def.description + provider_id = local.service_specification_id +} + +################################################################################ +# Step 4: Create Action Specifications +################################################################################ + +# Process action templates +data "external" "action_specs" { + for_each = toset(var.action_spec_names) + depends_on = 
[nullplatform_service_specification.from_template] + + program = ["sh", "-c", <<-EOT + processed_json=$(echo '${try(data.http.action_templates[each.key].response_body, "{}")}' | \ + NRN='${local.dependent_env_vars.NRN}' \ + SERVICE_SPECIFICATION_ID='${local.dependent_env_vars.SERVICE_SPECIFICATION_ID}' \ + SERVICE_SLUG='${local.dependent_env_vars.SERVICE_SLUG}' \ + SERVICE_PATH='${local.dependent_env_vars.SERVICE_PATH}' \ + REPO_PATH='${local.dependent_env_vars.REPO_PATH}' \ + gomplate) + echo "{\"json_b64\":\"$(echo "$processed_json" | base64 -w 0)\"}" + EOT + ] +} + +locals { + # Static list of action specifications to avoid for_each dependency issues + static_action_specs = toset(var.action_spec_names) +} + +# Create action specifications +resource "nullplatform_action_specification" "from_templates" { + for_each = local.static_action_specs + depends_on = [nullplatform_service_specification.from_template] + + service_specification_id = local.service_specification_id + name = jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).name + type = jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).type + parameters = jsonencode(jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).parameters) + results = jsonencode(jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).results) + retryable = try(jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).retryable, false) + + lifecycle { + ignore_changes = [annotations] + } + +} + +################################################################################ +# Step 5: Configure NRN with External Providers (Patch) +################################################################################ + +# This replicates: np nrn patch --nrn "$NRN" --body "{\"global.${SERVICE_SLUG}_metric_provider\": \"externalmetrics\", \"global.${SERVICE_SLUG}_log_provider\": \"external\"}" +resource "null_resource" 
"nrn_patch" { + depends_on = [nullplatform_service_specification.from_template] + + triggers = { + nrn = var.nrn + service_slug = local.service_slug + } + + provisioner "local-exec" { + command = <<-EOT + np nrn patch --nrn "${var.nrn}" --body "{ + \"global.${local.service_slug}_metric_provider\": \"${var.external_metrics_provider}\", + \"global.${local.service_slug}_log_provider\": \"${var.external_logging_provider}\" + }" + EOT + + environment = { + NP_API_KEY = var.np_api_key + } + } +} \ No newline at end of file diff --git a/modules/kubernetes/helm/nullplatform/agent/templates/values-aws.tmpl.yaml b/nullplatform/aws/agent/templates/nullplatform-agent-values.tmpl.yaml similarity index 59% rename from modules/kubernetes/helm/nullplatform/agent/templates/values-aws.tmpl.yaml rename to nullplatform/aws/agent/templates/nullplatform-agent-values.tmpl.yaml index 705d116..9af357c 100644 --- a/modules/kubernetes/helm/nullplatform/agent/templates/values-aws.tmpl.yaml +++ b/nullplatform/aws/agent/templates/nullplatform-agent-values.tmpl.yaml @@ -5,23 +5,19 @@ args: - "--tags=$(TAGS)" - "--apikey=$(NP_API_KEY)" - "--runtime=host" - - "--command-executor-env=NP_API_KEY=$(NP_API_KEY),VAULT_ADDR=$(VAULT_URL),VAULT_TOKEN=$(VAULT_TOKEN)" + - "--command-executor-env=NP_API_KEY=$(NP_API_KEY)" - "--command-executor-debug" - "--webserver-enabled" - "--command-executor-git-command-repos $(AGENT_REPOS)" + configuration: values: - NP_API_KEY: "${np_api_key}" + NP_API_KEY: "${api_key}" TAGS: "${tags}" AGENT_REPOS: "${agent_repos}" CLUSTER_NAME: "${cluster_name}" NAMESPACE: "${namespace}" - VAULT_TOKEN: "${vault_token}" - VAULT_URL: "${vault_url}" -initScripts: - - apk add --no-cache aws-cli -%{ for script in init_scripts ~} - - ${script} -%{ endfor ~} + + image: tag: aws \ No newline at end of file diff --git a/nullplatform/aws/agent/variables.tf b/nullplatform/aws/agent/variables.tf new file mode 100644 index 0000000..9974c73 --- /dev/null +++ b/nullplatform/aws/agent/variables.tf 
@@ -0,0 +1,116 @@ +variable "nullplatform-agent-helm-version" { + description = "Helm chart version for the Nullplatform agent" + type = string + default = "2.11.0" +} + +variable "agent_repos_scope" { + description = "Git repository URL for agent scopes configuration" + type = string + default = "https://github.com/nullplatform/scopes.git#main" +} + +variable "agent_repos_extra" { + description = "Additional repositories for the agent configuration" + type = list(string) + default = [] +} + +variable "cluster_name" { + description = "Name of the EKS cluster" + type = string +} + +variable "tags" { + description = "Tags to apply to identifier agent" + type = string +} + +variable "init_scripts" { + description = "List of initialization scripts to run" + type = list(string) + default = [] +} + +variable "nrn" { + description = "Identifier Nullplatform Resources Name" + type = string +} + +variable "namespace" { + description = "Kubernetes namespace to agent run" + type = string + default = "nullplatform-tools" +} + +# Template Configuration +variable "service_path" { + type = string + default = "k8s" + description = "Service path within the repository" +} + +variable "repo_path" { + type = string + default = "/root/.np/nullplatform/scopes" + description = "Local path to the repository containing templates" +} + +variable "github_repo_url" { + type = string + default = "https://github.com/nullplatform/scopes" + description = "GitHub repository URL containing templates" +} + +variable "github_ref" { + type = string + default = "beta" + description = "Git reference (branch, tag, or commit)" +} + +variable "environment_tag" {} + +################################################################################ +# Scope Definition Module Variables +################################################################################ + +variable "action_spec_names" { + type = list(string) + default = [ + "create-scope", + "delete-scope", + "start-initial", + "start-blue-green", 
+ "finalize-blue-green", + "rollback-deployment", + "delete-deployment", + "switch-traffic", + "set-desired-instance-count", + "pause-autoscaling", + "resume-autoscaling", + "restart-pods", + "kill-instances" + ] + description = "List of action specification template names to fetch and create" +} + +# NRN Patch Configuration +variable "np_api_key" { + type = string + sensitive = true + description = "Nullplatform API key for authentication" +} + +variable "external_metrics_provider" { + type = string + default = "externalmetrics" + description = "External metrics provider name" +} + +variable "external_logging_provider" { + type = string + default = "external" + description = "External logging provider name" +} + +variable "aws_iam_openid_connect_provider_arn" {} \ No newline at end of file diff --git a/nullplatform/aws/base/auth.tf b/nullplatform/aws/base/auth.tf new file mode 100644 index 0000000..0574a76 --- /dev/null +++ b/nullplatform/aws/base/auth.tf @@ -0,0 +1,29 @@ +resource "nullplatform_api_key" "nullplatform-base-api-key" { + name = "NULLPLATFORM-BASE-API-KEY" + + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "controlplane:agent" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "developer" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "ops" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "secops" + } + grants { + nrn = replace(var.nrn, ":namespace=.*$", "") + role_slug = "secrets-reader" + } + + tags { + key = "managed-by" + value = "IaC" + } +} \ No newline at end of file diff --git a/nullplatform/aws/base/locals.tf b/nullplatform/aws/base/locals.tf new file mode 100644 index 0000000..eb828e7 --- /dev/null +++ b/nullplatform/aws/base/locals.tf 
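Review bot: `github_ref` defaults to `"beta"`, a branch name, and the templates fetched from that ref are fed to `sh -c` and `gomplate` while Terraform evaluates the data sources, so whatever is pushed to that branch changes what runs on the operator's machine. Default to a tag or full commit SHA, or make the variable required, and say so in the description, e.g. `description = "Git tag or commit SHA of the templates; avoid branch names"`. `agent_repos_scope` likewise ends in `#main`. `environment_tag` and `aws_iam_openid_connect_provider_arn` are declared as `{}`; give them `type = string` and a description.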
@@ -0,0 +1,5 @@
+locals {
+ nullplatform_base_values = templatefile("${path.module}/templates/nullplatform-base-values.tmpl.yaml", {
+ api_key = nullplatform_api_key.nullplatform-base-api-key.api_key
+ })
+}
diff --git a/nullplatform/aws/base/main.tf b/nullplatform/aws/base/main.tf
new file mode 100644
index 0000000..37b9eb7
--- /dev/null
+++ b/nullplatform/aws/base/main.tf
@@ -0,0 +1,24 @@
+resource "helm_release" "base" {
+ name = "nullplatform-base"
+ chart = "nullplatform-base"
+ repository = "https://nullplatform.github.io/helm-charts"
+ namespace = var.namespace
+ version = var.nullplatform-base-helm-version
+ create_namespace = true
+
+ disable_webhooks = true
+ force_update = true
+ wait = true
+ wait_for_jobs = true
+ timeout = 600
+ atomic = true
+ cleanup_on_fail = true
+ replace = false
+ recreate_pods = false
+ reset_values = false
+ reuse_values = false
+ dependency_update = true
+ max_history = 10
+
+ values = [local.nullplatform_base_values]
+}
\ No newline at end of file
diff --git a/nullplatform/aws/base/providers.tf b/nullplatform/aws/base/providers.tf
new file mode 100644
index 0000000..fb31c5a
--- /dev/null
+++ b/nullplatform/aws/base/providers.tf
@@ -0,0 +1,16 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 6.0"
+ }
+ helm = {
+ source = "hashicorp/helm"
+ version = "~> 3.0"
+ }
+ }
+}
\ No newline at end of file
diff --git a/nullplatform/aws/base/templates/nullplatform-base-values.tmpl.yaml b/nullplatform/aws/base/templates/nullplatform-base-values.tmpl.yaml
new file mode 100644
index 0000000..57a048f
--- /dev/null
+++ b/nullplatform/aws/base/templates/nullplatform-base-values.tmpl.yaml
@@ -0,0 +1,14 @@ +global: + provider: "eks" + installGatewayV2Crd: false +logging: + enabled: true + prometheus: + enabled: true + exporterPort: 2021 +metricsServer: + enabled: true +controlPlane: + enabled: true +nullplatform: + apiKey: "${api_key}" \ No newline at end of file diff --git a/nullplatform/aws/base/variables.tf b/nullplatform/aws/base/variables.tf new file mode 100644 index 0000000..13f57a4 --- /dev/null +++ b/nullplatform/aws/base/variables.tf @@ -0,0 +1,16 @@ +variable "nullplatform-base-helm-version" { + description = "Helm chart version for the Nullplatform agent" + type = string + default = "2.12.0" +} + +variable "namespace" { + description = "Kubernetes namespace to agent run" + type = string + default = "nullplatform-tools" +} + +variable "nrn" { + description = "Identifier Nullplatform Resources Name" + type = string +} \ No newline at end of file diff --git a/modules/nullplatform/provider/cloud/aws/data.tf b/nullplatform/aws/cloud/data.tf similarity index 56% rename from modules/nullplatform/provider/cloud/aws/data.tf rename to nullplatform/aws/cloud/data.tf index d9c96ce..0fe331b 100644 --- a/modules/nullplatform/provider/cloud/aws/data.tf +++ b/nullplatform/aws/cloud/data.tf @@ -1,3 +1,5 @@ data "aws_caller_identity" "current" { - provider = aws } + +data "aws_region" "current" { +} \ No newline at end of file diff --git a/nullplatform/aws/cloud/main.tf b/nullplatform/aws/cloud/main.tf new file mode 100644 index 0000000..30f5634 --- /dev/null +++ b/nullplatform/aws/cloud/main.tf 
@@ -0,0 +1,25 @@
+resource "nullplatform_provider_config" "aws" {
+ provider = nullplatform
+ nrn = var.nrn
+ type = "aws-configuration"
+ dimensions = {}
+ attributes = jsonencode({
+ iam = {
+ #scope_workflow_role = aws_iam_role.nullplatform_scope_workflow_role.arn
+ }
+ account = {
+ id = data.aws_caller_identity.current.id
+ region = data.aws_region.current.region
+ }
+ networking = {
+ application_domain = false
+ domain_name = var.domain_name
+ hosted_zone_id = var.hosted_private_zone_id
+ hosted_public_zone_id = var.hosted_public_zone_id
+ }
+ })
+ lifecycle {
+ ignore_changes = [attributes]
+ }
+}
+
diff --git a/nullplatform/aws/cloud/providers.tf b/nullplatform/aws/cloud/providers.tf
new file mode 100644
index 0000000..cb79686
--- /dev/null
+++ b/nullplatform/aws/cloud/providers.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+ }
+}
+
+provider "nullplatform" {
+ api_key = var.np_api_key
+}
\ No newline at end of file
diff --git a/nullplatform/aws/cloud/variables.tf b/nullplatform/aws/cloud/variables.tf
new file mode 100644
index 0000000..2a5f621
--- /dev/null
+++ b/nullplatform/aws/cloud/variables.tf
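Review bot: `required_providers` in nullplatform/aws/cloud/providers.tf declares only `nullplatform`, yet this module reads `data.aws_caller_identity.current` and `data.aws_region.current.region`, so the AWS provider is resolved implicitly with no version constraint. Add `aws = { source = "hashicorp/aws", version = "~> 6.0" }`, as nullplatform/aws/base/providers.tf does; nullplatform/commons/asset/ecr/providers.tf has the same omission while creating IAM resources. Separately, a `provider "nullplatform"` block inside a reusable module stops callers from using `count`, `for_each` or `depends_on` on that module, so the provider is better configured once in the root and inherited.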
@@ -0,0 +1,44 @@
+variable "scope_manager_assume_role" {
+ description = "ARN of the IAM role for scope and deploy manager"
+ type = string
+ default = "arn:aws:iam::283477532906:role/scope_and_deploy_manager"
+}
+
+variable "nrn" {
+ description = "Identifier Nullplatform Resources Name"
+ type = string
+}
+
+variable "include_environment" {
+ description = "Whether to use Environment as a default dimension"
+ type = bool
+ default = true
+}
+
+variable "domain_name" {
+ description = "Domain name for the configuration"
+ type = string
+}
+
+variable "hosted_private_zone_id" {
+ description = "Hosted zone ID for private DNS"
+ type = string
+}
+
+variable "hosted_public_zone_id" {
+ description = "Hosted zone ID for public DNS"
+ type = string
+}
+
+variable "dimensions" {
+ description = "Map of dimension values to configure Nullplatform"
+ type = map(string)
+ default = {}
+}
+
+# NRN Patch Configuration
+variable "np_api_key" {
+ type = string
+ sensitive = true
+ description = "Nullplatform API key for authentication"
+}
\ No newline at end of file
diff --git a/nullplatform/azure/example b/nullplatform/azure/example
new file mode 100644
index 0000000..e69de29
diff --git a/nullplatform/commons/account/main.tf b/nullplatform/commons/account/main.tf
new file mode 100644
index 0000000..e02c9da
--- /dev/null
+++ b/nullplatform/commons/account/main.tf
@@ -0,0 +1,8 @@
+resource "nullplatform_account" "nullplatform_account" {
+ for_each = var.nullplatform_accounts
+
+ name = each.value.name
+ repository_prefix = each.value.repository_prefix
+ repository_provider = each.value.repository_provider
+ slug = each.value.slug
+}
\ No newline at end of file
diff --git a/nullplatform/commons/account/providers.tf b/nullplatform/commons/account/providers.tf
new file mode 100644
index 0000000..cb79686
--- /dev/null
+++ b/nullplatform/commons/account/providers.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+ }
+}
+
+provider "nullplatform" {
+ api_key = var.np_api_key
+}
\ No newline at end of file
diff --git a/nullplatform/commons/account/variables.tf b/nullplatform/commons/account/variables.tf
new file mode 100644
index 0000000..89a41f3
--- /dev/null
+++ b/nullplatform/commons/account/variables.tf
@@ -0,0 +1,12 @@
+variable "nullplatform_accounts" {
+ type = map(object({
+ name = string
+ repository_prefix = optional(string, "poc-account")
+ repository_provider = optional(string, "github")
+ slug = optional(string, "poc-account")
+ }))
+}
+
+variable "np_api_key" {
+
+}
\ No newline at end of file
diff --git a/modules/nullplatform/provider/asset/docker-server/main.tf b/nullplatform/commons/asset/docker-server/main.tf
similarity index 100%
rename from modules/nullplatform/provider/asset/docker-server/main.tf
rename to nullplatform/commons/asset/docker-server/main.tf
diff --git a/nullplatform/commons/asset/docker-server/provider.tf b/nullplatform/commons/asset/docker-server/provider.tf
new file mode 100644
index 0000000..a3f18aa
--- /dev/null
+++ b/nullplatform/commons/asset/docker-server/provider.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = ">= 0.0.67"
+ }
+ }
+}
+provider "nullplatform" {
+
+ api_key = var.np_api_key
+}
\ No newline at end of file
diff --git a/modules/nullplatform/provider/asset/docker-server/variables.tf b/nullplatform/commons/asset/docker-server/variables.tf
similarity index 91%
rename from modules/nullplatform/provider/asset/docker-server/variables.tf
rename to nullplatform/commons/asset/docker-server/variables.tf
index 5e7e473..a5cda15 100644
--- a/modules/nullplatform/provider/asset/docker-server/variables.tf
+++ b/nullplatform/commons/asset/docker-server/variables.tf
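Review bot: `variable "np_api_key"` in nullplatform/commons/account/variables.tf is declared with an empty body, so the API key has neither `type` nor `sensitive` and Terraform will not redact it wherever the value ends up being referenced. Other modules in this commit declare the same input with `sensitive = true`; do the same here with `type = string` and `sensitive = true`. The same gap is visible in nullplatform/commons/users/variables.tf (empty body) and in nullplatform/commons/prometheus/variables.tf and nullplatform/commons/asset/docker-server/variables.tf (typed, but not marked sensitive).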
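Review bot: `version = ">= 0.0.67"` in nullplatform/commons/asset/docker-server/provider.tf has no upper bound, so `terraform init` accepts any later release of a provider that is handed the platform API key. The other provider files in this commit use the pessimistic form `~> 0.0.63`. Use a bounded constraint here as well, for example `version = "~> 0.0.67"`, so an upgrade is a reviewed change; nullplatform/commons/code_repository/provider.tf carries the same open-ended constraint.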
@@ -24,3 +24,8 @@ variable "password" { type = string sensitive = false } + +variable "np_api_key" { + type = string + +} \ No newline at end of file diff --git a/nullplatform/commons/asset/ecr/data.tf b/nullplatform/commons/asset/ecr/data.tf new file mode 100644 index 0000000..0fe331b --- /dev/null +++ b/nullplatform/commons/asset/ecr/data.tf @@ -0,0 +1,5 @@ +data "aws_caller_identity" "current" { +} + +data "aws_region" "current" { +} \ No newline at end of file diff --git a/nullplatform/commons/asset/ecr/iam.tf b/nullplatform/commons/asset/ecr/iam.tf new file mode 100644 index 0000000..8785640 --- /dev/null +++ b/nullplatform/commons/asset/ecr/iam.tf 
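Review bot: The `password` variable shown as context in this hunk is declared with `sensitive = false`, and the `np_api_key` variable added right after it has no `sensitive` attribute, so neither credential is redacted in plan output or CI logs. Set `sensitive = true` on both. The `password` block begins above the hunk, so how the value is consumed in main.tf is not visible here.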
@@ -0,0 +1,93 @@ +resource "aws_iam_role" "nullplatform_application_role" { + name = "nullplatform-application-role" + + assume_role_policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + AWS = var.application_manager_assume_role + }, + Action = "sts:AssumeRole", + Condition = { + StringEquals = { + "aws:RequestedRegion" = [ + "us-east-1", + "us-west-2", + "eu-west-1" + ] + }, + DateGreaterThan = { + "aws:CurrentTime" = "2024-01-01T00:00:00Z" + } + } + } + ] + }) +} + +resource "aws_iam_policy" "nullplatform_ecr_manager_policy" { + name = "nullplatform-ecr-manager-policy" + description = "Policy for managing ECR repositories with restricted access" + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Action = [ + "ecr:GetDownloadUrlForLayer", + "ecr:BatchGetImage", + "ecr:CompleteLayerUpload", + "ecr:UploadLayerPart", + "ecr:InitiateLayerUpload", + "ecr:BatchCheckLayerAvailability", + "ecr:PutImage", + "ecr:CreateRepository", + "ecr:DeleteRepository", + "ecr:DescribeRepositories", + "ecr:TagResource" + ], + Resource = [ + "arn:aws:ecr:*:*:repository/*" + ], + Condition = { + StringEquals = { + "aws:RequestedRegion" = [ + "us-east-1", + "us-west-2", + "eu-west-1" + ] + } + } + }, + { + Effect = "Allow", + Action = [ + "sts:GetServiceBearerToken", + "ecr:GetAuthorizationToken" + ], + Resource = "*" + } + ] + }) +} + +resource "aws_iam_user" "nullplatform_build_workflow_user" { + name = "nullplatform-build-workflow-user" +} + +resource "aws_iam_access_key" "nullplatform_build_workflow_user_key" { + user = aws_iam_user.nullplatform_build_workflow_user.name +} + + +resource "aws_iam_role_policy_attachment" "ecr-manager-policy" { + role = aws_iam_role.nullplatform_application_role.name + policy_arn = aws_iam_policy.nullplatform_ecr_manager_policy.arn +} + +resource "aws_iam_user_policy_attachment" "ecr-manager-policy-user" { + user = 
aws_iam_user.nullplatform_build_workflow_user.name + policy_arn = aws_iam_policy.nullplatform_ecr_manager_policy.arn +} \ No newline at end of file diff --git a/nullplatform/commons/asset/ecr/main.tf b/nullplatform/commons/asset/ecr/main.tf new file mode 100644 index 0000000..e771780 --- /dev/null +++ b/nullplatform/commons/asset/ecr/main.tf @@ -0,0 +1,20 @@ +resource "nullplatform_provider_config" "ecr" { + provider = nullplatform + nrn = var.nrn + type = "ecr" + dimensions = {} + attributes = jsonencode({ + "ci" : { + "region" : data.aws_region.current.region, + "access_key" : aws_iam_access_key.nullplatform_build_workflow_user_key.id + "secret_key" : aws_iam_access_key.nullplatform_build_workflow_user_key.secret + }, + "setup" : { + "region" : data.aws_region.current.region, + "role_arn" : aws_iam_role.nullplatform_application_role.arn + } + }) + lifecycle { + ignore_changes = [attributes] + } +} \ No newline at end of file diff --git a/nullplatform/commons/asset/ecr/providers.tf b/nullplatform/commons/asset/ecr/providers.tf new file mode 100644 index 0000000..cb79686 --- /dev/null +++ b/nullplatform/commons/asset/ecr/providers.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = "~> 0.0.63" + } + } +} + +provider "nullplatform" { + api_key = var.np_api_key +} \ No newline at end of file diff --git a/nullplatform/commons/asset/ecr/variables.tf b/nullplatform/commons/asset/ecr/variables.tf new file mode 100644 index 0000000..598aef3 --- /dev/null +++ b/nullplatform/commons/asset/ecr/variables.tf 
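Review bot: `nullplatform_ecr_manager_policy` grants `ecr:CreateRepository`, `ecr:DeleteRepository` and image push on `arn:aws:ecr:*:*:repository/*`, and iam.tf attaches that one policy both to the assumable role and to `nullplatform-build-workflow-user`, which also receives a long-lived access key. Scope `Resource` to this account and a repository prefix, e.g. `"arn:aws:ecr:*:${data.aws_caller_identity.current.account_id}:repository/<REPO_PREFIX_PLACEHOLDER>/*"`, and consider whether the build user needs `DeleteRepository` at all. In the trust policy, the `DateGreaterThan` condition on `2024-01-01T00:00:00Z` is always satisfied and restricts nothing. If the assuming service supports it, an `sts:ExternalId` condition is what would actually bind the cross-account principal.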
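Review bot: `ignore_changes = [attributes]` in nullplatform/commons/asset/ecr/main.tf freezes the `access_key`/`secret_key` pair that was current at first apply, so replacing `aws_iam_access_key.nullplatform_build_workflow_user_key` later removes the old key in AWS without ever pushing the new one into this provider config. The secret is also written to Terraform state through both resources. If the ignore exists to tolerate server-side edits, say so in a comment above the `lifecycle` block and document that rotation means replacing this resource together with the key; having CI assume `nullplatform_application_role` would avoid the static key entirely. The same `ignore_changes` appears in nullplatform/aws/cloud/main.tf and nullplatform/commons/prometheus/main.tf.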
@@ -0,0 +1,16 @@
+variable "nrn" {
+ description = "Identifier Nullplatform Resources Name"
+ type = string
+}
+
+variable "np_api_key" {
+ type = string
+ sensitive = true
+ description = "Nullplatform API key for authentication"
+}
+
+variable "application_manager_assume_role" {
+ description = "ARN of the IAM role for application manager"
+ type = string
+ default = "arn:aws:iam::283477532906:role/application_manager"
+}
\ No newline at end of file
diff --git a/nullplatform/commons/code_repository/locals.tf b/nullplatform/commons/code_repository/locals.tf
new file mode 100644
index 0000000..679640a
--- /dev/null
+++ b/nullplatform/commons/code_repository/locals.tf
@@ -0,0 +1,4 @@
+locals {
+ is_gitlab = lower(var.git_provider) == "gitlab"
+ is_github = lower(var.git_provider) == "github"
+}
\ No newline at end of file
diff --git a/nullplatform/commons/code_repository/main.tf b/nullplatform/commons/code_repository/main.tf
new file mode 100644
index 0000000..4761c63
--- /dev/null
+++ b/nullplatform/commons/code_repository/main.tf
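Review bot: `application_manager_assume_role` defaults to a role in account `283477532906`, and iam.tf uses that value as the `Principal` allowed to `sts:AssumeRole` into `nullplatform-application-role`. A default on a cross-account trust principal means the trust is granted without the caller ever naming it. At minimum the description should say what the value does, e.g. `description = "ARN of the external principal allowed to assume nullplatform-application-role (cross-account trust)"`; dropping the default would make the trust an explicit input. `scope_manager_assume_role` in nullplatform/aws/cloud/variables.tf carries the same kind of default.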
@@ -0,0 +1,40 @@
+/* If the git_provider variable is set to gitlab, create this resource. */
+resource "nullplatform_provider_config" "gitlab" {
+ count = local.is_gitlab ? 1 : 0
+ nrn = try(regex("(.*):namespace.*", var.nrn)[0], var.nrn)
+ type = "gitlab-configuration"
+ dimensions = {}
+ attributes = jsonencode({
+ "setup" : {
+ "group_path" : var.group_path,
+ "access_token" : var.access_token,
+ "installation_url" : var.installation_url
+ },
+ "access" : var.collaborators_config
+ }
+ )
+
+}
+/* If the git_provider variable is set to gitlab, create this resource.
+resource "nullplatform_account" "gitlab_account" {
+ count = local.is_gitlab ? 1 : 0
+ name = var.gitlab_name
+ repository_prefix = var.gitlab_repository_prefix
+ repository_provider = var.repository_provider
+ slug = var.gitlab_slug
+}
+*/
+/* If the git_provider variable has the value github, create this resource */
+resource "nullplatform_provider_config" "github" {
+ count = local.is_github ? 1 : 0
+ nrn = replace(var.nrn, ":namespace=.*$", "")
+ type = "github-configuration"
+ dimensions = {}
+ attributes = jsonencode({
+ "setup" : {
+ "organization" : var.organization,
+ "installation_id" : var.organization_installation_id
+ },
+ }
+ )
+}
diff --git a/nullplatform/commons/code_repository/provider.tf b/nullplatform/commons/code_repository/provider.tf
new file mode 100644
index 0000000..a3f18aa
--- /dev/null
+++ b/nullplatform/commons/code_repository/provider.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = ">= 0.0.67"
+ }
+ }
+}
+provider "nullplatform" {
+
+ api_key = var.np_api_key
+}
\ No newline at end of file
diff --git a/nullplatform/commons/code_repository/variables.tf b/nullplatform/commons/code_repository/variables.tf
new file mode 100644
index 0000000..8d561d8
--- /dev/null
+++ b/nullplatform/commons/code_repository/variables.tf
@@ -0,0 +1,68 @@ +variable "group_path" { + type = string + +} + +variable "access_token" { + type = string + sensitive = true + +} + +variable "installation_url" { + type = string + +} + +variable "np_api_key" { + type = string + sensitive = true + +} +variable "nrn" { + type = string + +} + +variable "collaborators_config" { + type = object({ + collaborators = list(object({ + id = string + role = string + type = string + })) + }) +} + +variable "gitlab_repository_prefix" { + type = string + +} +variable "gitlab_name" { + type = string + +} + +variable "repository_provider" { + type = string + +} +variable "gitlab_slug" { + type = string + +} + +variable "git_provider" { + type = string + description = "gitlab or github" +} +variable "organization" { + type = string + default = "" + +} +variable "organization_installation_id" { + type = string + default = "" + +} \ No newline at end of file diff --git a/modules/nullplatform/dimensions/main.tf b/nullplatform/commons/dimensions/main.tf similarity index 99% rename from modules/nullplatform/dimensions/main.tf rename to nullplatform/commons/dimensions/main.tf index 037e8b4..0a07e2c 100644 --- a/modules/nullplatform/dimensions/main.tf +++ b/nullplatform/commons/dimensions/main.tf @@ -9,4 +9,4 @@ resource "nullplatform_dimension_value" "environment_value" { dimension_id = nullplatform_dimension.environment.id name = each.value nrn = var.nrn -} +} \ No newline at end of file diff --git a/nullplatform/commons/dimensions/providers.tf b/nullplatform/commons/dimensions/providers.tf new file mode 100644 index 0000000..cb79686 --- /dev/null +++ b/nullplatform/commons/dimensions/providers.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = "~> 0.0.63" + } + } +} + +provider "nullplatform" { + api_key = var.np_api_key +} \ No newline at end of file 
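Review bot: `git_provider` in nullplatform/commons/code_repository/variables.tf is free text, and locals.tf only tests it against `gitlab` and `github`, so a misspelt value makes both `count` expressions 0 and the module applies cleanly while configuring nothing. Add a `validation` block to the variable, as sketched below. The GitLab-only inputs (`group_path`, `access_token`, `installation_url`, `collaborators_config`, the `gitlab_*` variables and `repository_provider`) have no defaults, so a GitHub caller must still supply them. Giving them defaults, as `organization` already has, would avoid placeholder tokens being passed around.

```hcl
variable "git_provider" {
  # … unchanged: type and description …

  validation {
    condition     = contains(["gitlab", "github"], lower(var.git_provider))
    error_message = "git_provider must be \"gitlab\" or \"github\"."
  }
}
```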
diff --git a/nullplatform/commons/dimensions/variables.tf b/nullplatform/commons/dimensions/variables.tf new file mode 100644 index 0000000..e69b14d --- /dev/null +++ b/nullplatform/commons/dimensions/variables.tf @@ -0,0 +1,15 @@ +variable "environments" { + type = list(string) + description = "The list of environments" + default = ["development", "staging", "production"] +} +variable "nrn" { + description = "Identifier Nullplatform Resources Name" + type = string +} + +variable "np_api_key" { + type = string + sensitive = true + description = "Nullplatform API key for authentication" +} \ No newline at end of file diff --git a/nullplatform/commons/prometheus/README.md b/nullplatform/commons/prometheus/README.md new file mode 100644 index 0000000..c683811 --- /dev/null +++ b/nullplatform/commons/prometheus/README.md @@ -0,0 +1,32 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [aws](#requirement\_aws) | ~> 6.0 | +| [helm](#requirement\_helm) | ~> 3.0 | +| [nullplatform](#requirement\_nullplatform) | ~> 0.0.63 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | ~> 6.0 | +| [helm](#provider\_helm) | ~> 3.0 | +| [nullplatform](#provider\_nullplatform) | ~> 0.0.63 | + +## Resources + +| Name | Type | +|------|------| +| [helm_release.prometheus](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | +| [nullplatform_provider_config.prometheus](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [cluster\_name](#input\_cluster\_name) | n/a | `any` | n/a | yes | +| [namespace](#input\_namespace) | n/a | `string` | `"prometheus"` | no | +| [nrn](#input\_nrn) | n/a | `any` | n/a | yes | + \ No newline at end of file 
diff --git a/nullplatform/commons/prometheus/locals.tf b/nullplatform/commons/prometheus/locals.tf new file mode 100644 index 0000000..f80060c --- /dev/null +++ b/nullplatform/commons/prometheus/locals.tf @@ -0,0 +1,5 @@ +locals { + prometheus_values = templatefile("${path.module}/templates/prometheus-values.tmpl.yaml", { + nullplatform_port = var.nullplatform_port + }) +} \ No newline at end of file diff --git a/nullplatform/commons/prometheus/main.tf b/nullplatform/commons/prometheus/main.tf new file mode 100644 index 0000000..0486be7 --- /dev/null +++ b/nullplatform/commons/prometheus/main.tf @@ -0,0 +1,24 @@ +resource "helm_release" "prometheus" { + name = "prometheus" + repository = "https://prometheus-community.github.io/helm-charts" + chart = "prometheus" + namespace = var.prometheus_namespace + create_namespace = true + + values = [local.prometheus_values] +} + +resource "nullplatform_provider_config" "prometheus" { + nrn = var.nrn + type = "prometheus" + attributes = jsonencode({ + "server" : { + "url" : "http://prometheus-server.${var.prometheus_namespace}.svc.cluster.local:80" + } + }) + dimensions = {} + + lifecycle { + ignore_changes = [attributes] + } +} \ No newline at end of file diff --git a/nullplatform/commons/prometheus/providers.tf b/nullplatform/commons/prometheus/providers.tf new file mode 100644 index 0000000..6985ecd --- /dev/null +++ b/nullplatform/commons/prometheus/providers.tf @@ -0,0 +1,24 @@ +terraform { + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = "~> 0.0.63" + } + + helm = { + source = "hashicorp/helm" + version = "~> 3.0" + } + } +} +provider "helm" { + kubernetes = { + config_path = var.kubeconfig_path + config_context = var.kube_context + } +} + +provider "nullplatform" { + + api_key = var.np_api_key +} \ No newline at end of file 
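Review bot: `helm_release.prometheus` in nullplatform/commons/prometheus/main.tf sets no `version`, so each apply against a fresh cache installs whichever chart version the prometheus-community repository currently serves. The base and agent releases in this commit pin theirs through a variable with a fixed default. Add `version = var.prometheus_chart_version` (a new variable; the name is only a suggestion) with a pinned default, so chart upgrades arrive as reviewed changes and not as a side effect of `apply`.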
diff --git a/nullplatform/commons/prometheus/templates/prometheus-values.tmpl.yaml b/nullplatform/commons/prometheus/templates/prometheus-values.tmpl.yaml new file mode 100644 index 0000000..a6ad502 --- /dev/null +++ b/nullplatform/commons/prometheus/templates/prometheus-values.tmpl.yaml @@ -0,0 +1,25 @@ +alertmanager: + persistence: + enabled: false +server: + persistentVolume: + enabled: false +extraScrapeConfigs: | + # MΓ©tricas de Null Platform desde nodos K8s + - job_name: null-platform-metrics + kubernetes_sd_configs: + - role: node + metrics_path: /metrics + scheme: http + relabel_configs: + # Change kubelet port (10250) to null-platform (2021) + - source_labels: [ __address__ ] + regex: '(.*):10250' + target_label: __address__ + replacement: '$1:${nullplatform_port}' + # Mapear labels de nodos K8s + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + # AΓ±adir nombre del nodo + - source_labels: [ __meta_kubernetes_node_name ] + target_label: node \ No newline at end of file diff --git a/nullplatform/commons/prometheus/variables.tf b/nullplatform/commons/prometheus/variables.tf new file mode 100644 index 0000000..11529f4 --- /dev/null +++ b/nullplatform/commons/prometheus/variables.tf @@ -0,0 +1,25 @@ +variable "prometheus_namespace" { + default = "prometheus" +} + +variable "nrn" {} + + +variable "np_api_key" { + type = string +} + +variable "nullplatform_port" { + type = number + default = 2021 +} + +variable "kubeconfig_path" { + type = string + default = "~/.kube/config" +} +variable "kube_context" { + type = string + default = null # o el nombre de tu context +} + diff --git a/nullplatform/commons/users/main.tf b/nullplatform/commons/users/main.tf new file mode 100644 index 0000000..8e9f32e --- /dev/null +++ b/nullplatform/commons/users/main.tf 
@@ -0,0 +1,24 @@ +resource "nullplatform_user" "nullplatform_user" { + for_each = var.nullplatform_users + + email = each.value.email + first_name = each.value.first_name + last_name = each.value.last_name +} + +resource "nullplatform_authz_grant" "nullplatform_user_role" { + for_each = merge([ + for user_key, user_data in var.nullplatform_users : { + for role in user_data.role_slug : + "${user_key}-${role}" => { + user_id = nullplatform_user.nullplatform_user[user_key].id + role_slug = role + nrn = user_data.nrn + } + } + ]...) + + user_id = each.value.user_id + role_slug = each.value.role_slug + nrn = each.value.nrn +} \ No newline at end of file diff --git a/nullplatform/commons/users/providers.tf b/nullplatform/commons/users/providers.tf new file mode 100644 index 0000000..cb79686 --- /dev/null +++ b/nullplatform/commons/users/providers.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = "~> 0.0.63" + } + } +} + +provider "nullplatform" { + api_key = var.np_api_key +} \ No newline at end of file diff --git a/nullplatform/commons/users/variables.tf b/nullplatform/commons/users/variables.tf new file mode 100644 index 0000000..2b30aba --- /dev/null +++ b/nullplatform/commons/users/variables.tf @@ -0,0 +1,12 @@ +variable "nullplatform_users" { + type = map(object({ + email = string + first_name = string + last_name = string + role_slug = list(string) + nrn = string + })) +} + +variable "np_api_key" { +} \ No newline at end of file diff --git a/nullplatform/gcp/agent/README.md b/nullplatform/gcp/agent/README.md new file mode 100644 index 0000000..7eb41ae --- /dev/null +++ b/nullplatform/gcp/agent/README.md 
@@ -0,0 +1,56 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [aws](#requirement\_aws) | ~> 6.0 | +| [helm](#requirement\_helm) | ~> 3.0 | +| [nullplatform](#requirement\_nullplatform) | ~> 0.0.63 | + +## Providers + +| Name | Version | +|------|---------| +| [external](#provider\_external) | n/a | +| [google](#provider\_google) | n/a | +| [helm](#provider\_helm) | ~> 3.0 | +| [http](#provider\_http) | n/a | +| [null](#provider\_null) | n/a | +| [nullplatform](#provider\_nullplatform) | ~> 0.0.63 | + +## Resources + +| Name | Type | +|------|------| +| [helm_release.agent](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | +| [null_resource.nrn_patch](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [nullplatform_action_specification.from_templates](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/action_specification) | resource | +| [nullplatform_api_key.nullplatform-agent-api-key](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/api_key) | resource | +| [nullplatform_notification_channel.from_template](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/notification_channel) | resource | +| [nullplatform_scope_type.from_template](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/scope_type) | resource | +| [nullplatform_service_specification.from_template](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/service_specification) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [action\_spec\_names](#input\_action\_spec\_names) | List of action specification template names to fetch and create | `list(string)` |
[
"create-scope",
"delete-scope",
"start-initial",
"start-blue-green",
"finalize-blue-green",
"rollback-deployment",
"delete-deployment",
"switch-traffic",
"set-desired-instance-count",
"pause-autoscaling",
"resume-autoscaling",
"restart-pods",
"kill-instances"
]
| no | +| [agent\_repos\_extra](#input\_agent\_repos\_extra) | Additional repositories for the agent configuration | `list(string)` | `[]` | no | +| [agent\_repos\_scope](#input\_agent\_repos\_scope) | Git repository URL for agent scopes configuration | `string` | `"https://github.com/nullplatform/scopes.git#main"` | no | +| [cluster\_name](#input\_cluster\_name) | Name of the kubernetes cluster | `string` | n/a | yes | +| [environment\_tag](#input\_environment\_tag) | n/a | `any` | n/a | yes | +| [external\_logging\_provider](#input\_external\_logging\_provider) | External logging provider name | `string` | `"external"` | no | +| [external\_metrics\_provider](#input\_external\_metrics\_provider) | External metrics provider name | `string` | `"externalmetrics"` | no | +| [github\_ref](#input\_github\_ref) | Git reference (branch, tag, or commit) | `string` | `"beta"` | no | +| [github\_repo\_url](#input\_github\_repo\_url) | GitHub repository URL containing templates | `string` | `"https://github.com/nullplatform/scopes"` | no | +| [init\_scripts](#input\_init\_scripts) | List of initialization scripts to run | `list(string)` | `[]` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [namespace](#input\_namespace) | Kubernetes namespace to agent run | `string` | `"nullplatform-tools"` | no | +| [np\_api\_key](#input\_np\_api\_key) | Nullplatform API key for authentication | `string` | n/a | yes | +| [nrn](#input\_nrn) | Identifier Nullplatform Resources Name | `string` | n/a | yes | +| [nullplatform-agent-helm-version](#input\_nullplatform-agent-helm-version) | Helm chart version for the Nullplatform agent | `string` | `"2.11.0"` | no | +| [project\_id](#input\_project\_id) | n/a | `string` | n/a | yes | +| [repo\_path](#input\_repo\_path) | Local path to the repository containing templates | `string` | `"/root/.np/nullplatform/scopes"` | no | +| [service\_path](#input\_service\_path) | Service path within the repository | `string` | `"k8s"` | 
no | +| [tags](#input\_tags) | Tags to apply to identifier agent | `string` | n/a | yes | + \ No newline at end of file diff --git a/nullplatform/gcp/agent/auth.tf b/nullplatform/gcp/agent/auth.tf new file mode 100644 index 0000000..6ac502a --- /dev/null +++ b/nullplatform/gcp/agent/auth.tf @@ -0,0 +1,32 @@ + + + +resource "nullplatform_api_key" "nullplatform-agent-api-key" { + name = "NULLPLATFORM-AGENT-API-KEY" + + grants { + nrn = local.nrn_without_namespace + role_slug = "controlplane:agent" + } + grants { + nrn = local.nrn_without_namespace + role_slug = "developer" + } + grants { + nrn = local.nrn_without_namespace + role_slug = "ops" + } + grants { + nrn = local.nrn_without_namespace + role_slug = "secops" + } + grants { + nrn = local.nrn_without_namespace + role_slug = "secrets-reader" + } + + tags { + key = "managed-by" + value = "IaC" + } +} \ No newline at end of file diff --git a/nullplatform/gcp/agent/channel.tf b/nullplatform/gcp/agent/channel.tf new file mode 100644 index 0000000..0b1fa66 --- /dev/null +++ b/nullplatform/gcp/agent/channel.tf 
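Review bot: `nullplatform-agent-api-key` in nullplatform/gcp/agent/auth.tf is granted `developer`, `ops`, `secops` and `secrets-reader` in addition to `controlplane:agent`, all on `local.nrn_without_namespace`, and nothing in the hunk says why an in-cluster agent needs each role. This key is rendered into the Helm values by locals.tf and into the shell environment built in channel.tf, so its grants are the blast radius of any leak from either place. Either trim `grants` to the roles the agent actually exercises, or add a comment per grant naming the feature that depends on it; nullplatform/aws/base/auth.tf bundles the same five roles.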
@@ -0,0 +1,63 @@ +################################################################################ +# Step 1: Fetch Notification Channel Template +################################################################################ + +data "http" "notification_channel_template" { + url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/notification-channel.json.tpl" +} + +############################################################################### +#Step 2: Process and Create Notification Channel +############################################################################### + +#Process notification channel template +data "external" "notification_channel" { + program = ["sh", "-c", <<-EOT + processed_json=$(echo '${data.http.notification_channel_template.response_body}' | \ + NRN='${var.nrn}' \ + NP_API_KEY='${nullplatform_api_key.nullplatform-agent-api-key.api_key}' \ + REPO_PATH='${var.repo_path}' \ + SERVICE_PATH='${var.service_path}' \ + ENVIRONMENT='${var.environment_tag}' \ + SERVICE_SLUG='${nullplatform_service_specification.from_template.slug}' \ + SERVICE_SPECIFICATION_ID='${nullplatform_service_specification.from_template.id}' \ + gomplate) + echo "{\"json\":\"$(echo "$processed_json" | sed 's/"/\\"/g' | tr -d '\n')\"}" + EOT + ] +} + +locals { + notification_channel_def = jsondecode(data.external.notification_channel.result.json) +} + +# Create notification channel +resource "nullplatform_notification_channel" "from_template" { + nrn = var.nrn + type = local.notification_channel_def.type + source = local.notification_channel_def.source + + configuration { + dynamic "agent" { + for_each = local.notification_channel_def.type == "agent" ? [local.notification_channel_def.configuration] : [] + content { + api_key = agent.value.api_key + command { + type = agent.value.command.type + data = { + for k, v in agent.value.command.data : k => ( + k == "environment" ? 
jsonencode({ + NP_ACTION_CONTEXT = "'$${NOTIFICATION_CONTEXT}'" + }) : ( + can(tostring(v)) ? tostring(v) : jsonencode(v) + ) + ) + } + } + selector = agent.value.selector + } + } + } + + filters = can(local.notification_channel_def.filters) ? jsonencode(local.notification_channel_def.filters) : null +} \ No newline at end of file diff --git a/nullplatform/gcp/agent/locals.tf b/nullplatform/gcp/agent/locals.tf new file mode 100644 index 0000000..0f45a80 --- /dev/null +++ b/nullplatform/gcp/agent/locals.tf @@ -0,0 +1,15 @@ +locals { + scope_list = compact([trimspace(coalesce(var.agent_repos_scope, ""))]) + repos_extra = compact([for s in split(",", try(coalesce(var.agent_repos_extra, ""), "")) : trimspace(s)]) + final_list = distinct(concat(local.scope_list, local.repos_extra)) + nrn_without_namespace = join(":", slice(split(":", var.nrn), 0, 2)) + + nullplatform_agent_values = templatefile("${path.module}/templates/nullplatform-agent-values.tmpl.yaml", { + agent_repos = join(",", local.final_list) + cluster_name = var.cluster_name + tags = var.tags + init_scripts = var.init_scripts + api_key = nullplatform_api_key.nullplatform-agent-api-key.api_key + namespace = var.namespace + }) +} \ No newline at end of file diff --git a/nullplatform/gcp/agent/main.tf b/nullplatform/gcp/agent/main.tf new file mode 100644 index 0000000..0d39a5e --- /dev/null +++ b/nullplatform/gcp/agent/main.tf 
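Review bot: `data "external" "notification_channel"` in channel.tf builds its `sh -c` script by pasting `data.http.notification_channel_template.response_body` and several variables between single quotes, so any quote character in that remotely fetched body is parsed as shell on the machine running Terraform. The body comes from `${var.github_repo_url}/raw/${var.github_ref}/…`, and the README lists the mutable ref `beta` as the default for `github_ref`. The API key is also embedded in the command text, and the `sed`-based JSON encoding escapes only double quotes. Pass the inputs through the data source's `query` argument (delivered as JSON on stdin) to a checked-in script that emits its result with a real JSON encoder, and pin `github_ref` to a commit SHA. The `service_spec` and `scope_type` data sources in scopes.tf use the same construct.

```hcl
data "external" "notification_channel" {
  # Proposed: a checked-in script (path is a placeholder) reads the JSON query
  # from stdin, exports the fields as environment variables, runs gomplate on
  # the template, and prints {"json": "..."} using a JSON encoder.
  program = ["sh", "${path.module}/<RENDER_SCRIPT_PLACEHOLDER>"]

  query = {
    template                 = data.http.notification_channel_template.response_body
    nrn                      = var.nrn
    np_api_key               = nullplatform_api_key.nullplatform-agent-api-key.api_key
    repo_path                = var.repo_path
    service_path             = var.service_path
    environment              = var.environment_tag
    service_slug             = nullplatform_service_specification.from_template.slug
    service_specification_id = nullplatform_service_specification.from_template.id
  }
}
```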
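Review bot: `repos_extra` in nullplatform/gcp/agent/locals.tf wraps `coalesce(var.agent_repos_extra, "")` in `try(..., "")` and then calls `split(",", …)`, which only works if the variable is a comma-separated string. The module README documents `agent_repos_extra` as `list(string)`; if that is the declared type (variables.tf is not in this hunk), the type mismatch is probably swallowed by `try` and the extra repositories are silently dropped. For a list input the expression would be `repos_extra = compact([for s in coalesce(var.agent_repos_extra, []) : trimspace(s)])`. `nrn_without_namespace` also assumes at least two `:`-separated segments, since `slice(..., 0, 2)` errors on shorter input.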
@@ -0,0 +1,24 @@ +resource "helm_release" "agent" { + name = "nullplatform-agent" + chart = "nullplatform-agent" + repository = "https://nullplatform.github.io/helm-charts" + namespace = var.namespace + version = var.nullplatform-agent-helm-version + create_namespace = true + + disable_webhooks = true + force_update = true + wait = true + wait_for_jobs = true + timeout = 600 + atomic = true + cleanup_on_fail = true + replace = false + recreate_pods = false + reset_values = false + reuse_values = false + dependency_update = true + max_history = 10 + + values = [local.nullplatform_agent_values] +} \ No newline at end of file diff --git a/nullplatform/gcp/agent/providers.tf b/nullplatform/gcp/agent/providers.tf new file mode 100644 index 0000000..a9fd42a --- /dev/null +++ b/nullplatform/gcp/agent/providers.tf @@ -0,0 +1,27 @@ +terraform { + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = "~> 0.0.63" + } + helm = { + source = "hashicorp/helm" + version = "~> 3.0" + } + } +} + +provider "helm" { + kubernetes = { + config_path = var.kubeconfig_path + config_context = var.kube_context + } +} +provider "kubernetes" { + config_path = var.kubeconfig_path +} + +provider "nullplatform" { + + api_key = var.np_api_key +} \ No newline at end of file diff --git a/nullplatform/gcp/agent/scopes.tf b/nullplatform/gcp/agent/scopes.tf new file mode 100644 index 0000000..74a3f2e --- /dev/null +++ b/nullplatform/gcp/agent/scopes.tf 
@@ -0,0 +1,211 @@
+################################################################################
+# Step 1: Fetch Templates
+################################################################################
+
+# Fetch service specification template
+data "http" "service_spec_template" {
+ url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/service-spec.json.tpl"
+}
+
+# Fetch scope type template
+data "http" "scope_type_template" {
+ url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/scope-type-definition.json.tpl"
+}
+
+# Fetch action specification templates
+data "http" "action_templates" {
+ for_each = toset(var.action_spec_names)
+ url = "${var.github_repo_url}/raw/${var.github_ref}/${var.service_path}/specs/actions/${each.key}.json.tpl"
+}
+
+################################################################################
+# Step 2: Process and Create Service Specification
+################################################################################
+
+# Process service spec template
+data "external" "service_spec" {
+ program = ["sh", "-c", <<-EOT
+ processed_json=$(echo '${data.http.service_spec_template.response_body}' | NRN='${var.nrn}' gomplate)
+ echo "{\"json\":\"$(echo "$processed_json" | sed 's/"/\\"/g' | tr -d '\n')\"}"
+ EOT
+ ]
+}
+
+locals {
+ service_spec_parsed = jsondecode(data.external.service_spec.result.json)
+}
+
+# Create service specification
+resource "nullplatform_service_specification" "from_template" {
+ name = local.service_spec_parsed.name
+ visible_to = local.service_spec_parsed.visible_to
+ assignable_to = local.service_spec_parsed.assignable_to
+ type = local.service_spec_parsed.type
+ attributes = jsonencode(local.service_spec_parsed.attributes)
+ use_default_actions = local.service_spec_parsed.use_default_actions
+
+ selectors {
+ category = local.service_spec_parsed.selectors.category
+ imported = local.service_spec_parsed.selectors.imported
+ provider = local.service_spec_parsed.selectors.provider
+ sub_category = local.service_spec_parsed.selectors.sub_category
+ }
+
+ lifecycle {
+ ignore_changes = [attributes]
+ }
+}
+
+locals {
+ # Variables that depend on created service specification
+ service_specification_id = nullplatform_service_specification.from_template.id
+ service_slug = nullplatform_service_specification.from_template.slug
+
+ dependent_env_vars = {
+ NRN = var.nrn
+ SERVICE_SPECIFICATION_ID = local.service_specification_id
+ SERVICE_SLUG = local.service_slug
+ SERVICE_PATH = var.service_path
+ REPO_PATH = var.repo_path
+ }
+}
+
+################################################################################
+# Step 3: Process and Create Scope Type
+################################################################################
+
+# Process scope type template
+data "external" "scope_type" {
+ depends_on = [nullplatform_service_specification.from_template]
+
+ program = ["sh", "-c", <<-EOT
+ processed_json=$(echo '${data.http.scope_type_template.response_body}' | \
+ NRN='${local.dependent_env_vars.NRN}' \
+ SERVICE_SPECIFICATION_ID='${local.dependent_env_vars.SERVICE_SPECIFICATION_ID}' \
+ gomplate)
+ echo "{\"json\":\"$(echo "$processed_json" | sed 's/"/\\"/g' | tr -d '\n')\"}"
+ EOT
+ ]
+}
+
+locals {
+ scope_type_def = jsondecode(data.external.scope_type.result.json)
+}
+
+# Create scope type
+resource "nullplatform_scope_type" "from_template" {
+ depends_on = [nullplatform_service_specification.from_template]
+
+ nrn = var.nrn
+ name = local.scope_type_def.name
+ description = local.scope_type_def.description
+ provider_id = local.service_specification_id
+}
+
+################################################################################
+# Step 4: Create Action Specifications
+################################################################################
+
+# Process action templates
+/*
+data "external" "action_specs" {
+ for_each = toset(var.action_spec_names)
+ depends_on = [nullplatform_service_specification.from_template]
+ program = ["sh", "-c", <<-EOT
+ processed_json=$(echo '${try(data.http.action_templates[each.key].response_body, "{}")}' | \
+ NRN='${local.dependent_env_vars.NRN}' \
+ SERVICE_SPECIFICATION_ID='${local.dependent_env_vars.SERVICE_SPECIFICATION_ID}' \
+ SERVICE_SLUG='${local.dependent_env_vars.SERVICE_SLUG}' \
+ SERVICE_PATH='${local.dependent_env_vars.SERVICE_PATH}' \
+ REPO_PATH='${local.dependent_env_vars.REPO_PATH}' \
+ gomplate)
+ echo "{\"json_b64\":\"$(echo "$processed_json" | base64 -w 0)\"}"
+ EOT
+ ]
+
+}
+*/
+data "external" "action_specs" {
+ for_each = toset(var.action_spec_names)
+ depends_on = [nullplatform_service_specification.from_template]
+
+ program = ["sh", "-c", <<-EOT
+ set -euo pipefail
+
+ # Inyectar el template y normalizar EOLs a Unix
+ body=$(cat <<'TPL'
+${try(data.http.action_templates[each.key].response_body, "{}")}
+TPL
+)
+ body="$(printf '%s' "$body" | tr -d '\r')"
+
+ # Render con gomplate (vars por entorno)
+ NRN='${local.dependent_env_vars.NRN}' \
+ SERVICE_SPECIFICATION_ID='${local.dependent_env_vars.SERVICE_SPECIFICATION_ID}' \
+ SERVICE_SLUG='${local.dependent_env_vars.SERVICE_SLUG}' \
+ SERVICE_PATH='${local.dependent_env_vars.SERVICE_PATH}' \
+ REPO_PATH='${local.dependent_env_vars.REPO_PATH}' \
+ processed_json="$(printf '%s' "$body" | gomplate)"
+
+ # Validar JSON (opcional pero ΓΊtil)
+ printf '%s' "$processed_json" | jq . >/dev/null
+
+ # Base64 sin saltos y sin CR
+ b64="$(printf '%s' "$processed_json" | base64 | tr -d '\r\n')"
+
+ # ENTREGAR map[string]string en UNA lΓ­nea por stdout
+ printf '{"json_b64":"%s"}\n' "$b64"
+ EOT
+ ]
+}
+
+
+locals {
+ # Static list of action specifications to avoid for_each dependency issues
+ static_action_specs = toset(var.action_spec_names)
+}
+
+# Create action specifications
+resource "nullplatform_action_specification" "from_templates" {
+ for_each = local.static_action_specs
+ depends_on = [nullplatform_service_specification.from_template]
+
+ service_specification_id = local.service_specification_id
+ name = jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).name
+ type = jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).type
+ parameters = jsonencode(jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).parameters)
+ results = jsonencode(jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).results)
+ retryable = try(jsondecode(base64decode(data.external.action_specs[each.key].result.json_b64)).retryable, false)
+
+ lifecycle {
+ ignore_changes = [annotations]
+ }
+
+}
+
+################################################################################
+# Step 5: Configure NRN with External Providers (Patch)
+################################################################################
+
+# This replicates: np nrn patch --nrn "$NRN" --body "{\"global.${SERVICE_SLUG}_metric_provider\": \"externalmetrics\", \"global.${SERVICE_SLUG}_log_provider\": \"external\"}"
+resource "null_resource" "nrn_patch" {
+ depends_on = [nullplatform_service_specification.from_template]
+
+ triggers = {
+ nrn = var.nrn
+ service_slug = local.service_slug
+ }
+
+ provisioner "local-exec" {
+ command = <<-EOT
+ np nrn patch --nrn "${var.nrn}" --body "{
+ \"global.${local.service_slug}_metric_provider\": \"${var.external_metrics_provider}\",
+ \"global.${local.service_slug}_log_provider\": \"${var.external_logging_provider}\"
+ }"
+ EOT
+
+ environment = {
+ NP_API_KEY = var.np_api_key
+ }
+ }
+}
\ No newline at end of file
diff --git a/nullplatform/gcp/agent/templates/nullplatform-agent-values.tmpl.yaml b/nullplatform/gcp/agent/templates/nullplatform-agent-values.tmpl.yaml
new file mode 100644
index 0000000..8abcf48
--- /dev/null
+++ b/nullplatform/gcp/agent/templates/nullplatform-agent-values.tmpl.yaml
@@ -0,0 +1,19 @@
+args:
+ - "--tags=$(TAGS)"
+ - "--apikey=$(NP_API_KEY)"
+ - "--runtime=host"
+ - "--command-executor-env=NP_API_KEY=$(NP_API_KEY)"
+ - "--command-executor-debug"
+ - "--webserver-enabled"
+ - "--command-executor-git-command-repos $(AGENT_REPOS)"
+
+configuration:
+ values:
+ NP_API_KEY: "${api_key}"
+ TAGS: "${tags}"
+ AGENT_REPOS: "${agent_repos}"
+ CLUSTER_NAME: "${cluster_name}"
+ NAMESPACE: "${namespace}"
+ DNS_TYPE: ”external_dns”
+
+
diff --git a/nullplatform/gcp/agent/variables.tf b/nullplatform/gcp/agent/variables.tf
new file mode 100644
index 0000000..27bb89b
--- /dev/null
+++ b/nullplatform/gcp/agent/variables.tf
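Review bot: In scopes.tf the `external` data sources `service_spec` and `scope_type` paste `data.http.*.response_body` and `var.nrn` straight into the `sh -c` script between single quotes, so a single quote anywhere in the fetched template or in a variable ends the quoting and the rest is run as shell on the machine executing Terraform. The templates come from `${var.github_repo_url}/raw/${var.github_ref}/…`, whose default ref appears to be a branch, so the script text is only as trustworthy as that branch. Pass the values through the data source's `query` argument (delivered as JSON on stdin) and let `jq` do the quoting, as sketched below for `service_spec`; `scope_type`, `action_specs` and the `local-exec` command in `nrn_patch` can follow the same idea. In `action_specs`, `set -euo pipefail` fails on `sh` implementations that lack `pipefail`, and the `NRN=… processed_json="$(…)"` line consists of assignments only, so those variables are probably not exported to `gomplate`.

```hcl
data "external" "service_spec" {
  # Values arrive as JSON on stdin; nothing is interpolated into the script text.
  query = {
    template = data.http.service_spec_template.response_body
    nrn      = var.nrn
  }

  program = ["sh", "-c", <<-EOT
    set -eu
    input="$(cat)"
    NRN="$(printf '%s' "$input" | jq -r '.nrn')"
    export NRN
    printf '%s' "$input" | jq -r '.template' | gomplate | jq -c '{json: tojson}'
  EOT
  ]
}
```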
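Review bot: In nullplatform-agent-values.tmpl.yaml, `DNS_TYPE: ”external_dns”` is written with typographic quotes, which YAML does not treat as string delimiters, so the agent would receive the value with the `”` characters included; it should read `DNS_TYPE: "external_dns"`. The args also place the key on the container command line through `--apikey=$(NP_API_KEY)` and `--command-executor-env=NP_API_KEY=$(NP_API_KEY)`, where it is readable from the process list, and `--command-executor-debug` is switched on unconditionally; if the agent can take the key from its environment alone, dropping it from `args` and making debug opt-in would reduce exposure. `--command-executor-git-command-repos $(AGENT_REPOS)` passes the flag and its value as one argument separated by a space, where `=` may have been intended, as in the other args.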
@@ -0,0 +1,129 @@
+variable "nullplatform-agent-helm-version" {
+ description = "Helm chart version for the Nullplatform agent"
+ type = string
+ default = "2.14.0"
+}
+
+variable "agent_repos_scope" {
+ description = "Git repository URL for agent scopes configuration"
+ type = string
+ default = "https://github.com/nullplatform/scopes.git#ftc"
+}
+
+variable "agent_repos_extra" {
+ description = "Additional repositories for the agent configuration"
+ type = list(string)
+ default = []
+}
+
+variable "cluster_name" {
+ description = "Name of the kubernetes cluster"
+ type = string
+}
+
+variable "tags" {
+ description = "Tags to apply to identifier agent"
+ type = string
+}
+
+variable "init_scripts" {
+ description = "List of initialization scripts to run"
+ type = list(string)
+ default = []
+}
+
+variable "nrn" {
+ description = "Identifier Nullplatform Resources Name"
+ type = string
+}
+
+variable "namespace" {
+ description = "Kubernetes namespace to agent run"
+ type = string
+ default = "nullplatform-tools"
+}
+
+# Template Configuration
+variable "service_path" {
+ type = string
+ default = "k8s"
+ description = "Service path within the repository"
+}
+
+variable "repo_path" {
+ type = string
+ default = "/root/.np/nullplatform/scopes"
+ description = "Local path to the repository containing templates"
+}
+
+variable "github_repo_url" {
+ type = string
+ default = "https://github.com/nullplatform/scopes"
+ description = "GitHub repository URL containing templates"
+}
+
+variable "github_ref" {
+ type = string
+ default = "ftc"
+ description = "Git reference (branch, tag, or commit)"
+}
+
+
+
+################################################################################
+# Scope Definition Module Variables
+################################################################################
+
+variable "action_spec_names" {
+ type = list(string)
+ default = [
+ "create-scope",
+ "delete-scope",
+ "start-initial",
+ "start-blue-green",
+ "finalize-blue-green",
+ "rollback-deployment",
+ "delete-deployment",
+ "switch-traffic",
+ "set-desired-instance-count",
+ "pause-autoscaling",
+ "resume-autoscaling",
+ "restart-pods",
+ "kill-instances"
+ ]
+ description = "List of action specification template names to fetch and create"
+}
+
+# NRN Patch Configuration
+variable "np_api_key" {
+ type = string
+ sensitive = true
+ description = "Nullplatform API key for authentication"
+}
+
+variable "external_metrics_provider" {
+ type = string
+ default = "externalmetrics"
+ description = "External metrics provider name"
+}
+
+variable "external_logging_provider" {
+ type = string
+ default = "external"
+ description = "External logging provider name"
+}
+
+
+
+variable "environment_tag" {
+
+}
+
+variable "kubeconfig_path" {
+ type = string
+ default = "~/.kube/config"
+}
+variable "kube_context" {
+ type = string
+ default = null # o el nombre de tu context
+}
\ No newline at end of file
diff --git a/nullplatform/gcp/base/README.md b/nullplatform/gcp/base/README.md
new file mode 100644
index 0000000..ee0039f
--- /dev/null
+++ b/nullplatform/gcp/base/README.md
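Review bot: In nullplatform/gcp/agent/variables.tf, `agent_repos_scope` (`…scopes.git#ftc`) and `github_ref` (`"ftc"`) appear to default to a branch name, so both the repository the agent runs commands from and the templates that scopes.tf feeds to a local shell can change without any change in this module. Defaulting to a tag or commit SHA, or dropping the default so callers must choose, makes that explicit; the description could say so, e.g. `description = "Git tag or commit SHA to fetch templates from (avoid mutable branches)"`. `variable "environment_tag" {}` has no type, description or default, which makes it a required, untyped input that nothing visible in this diff reads. `kubeconfig_path` and `kube_context` have no `description`, and the inline comment on `kube_context` is in Spanish while the rest of the file is in English.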
@@ -0,0 +1,39 @@
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [google](#requirement\_google) | ~> 5.0 |
+| [helm](#requirement\_helm) | ~> 3.0 |
+| [kubernetes](#requirement\_kubernetes) | ~> 2.25 |
+| [nullplatform](#requirement\_nullplatform) | ~> 0.0.63 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [google](#provider\_google) | ~> 5.0 |
+| [helm](#provider\_helm) | ~> 3.0 |
+| [kubernetes](#provider\_kubernetes) | ~> 2.25 |
+| [nullplatform](#provider\_nullplatform) | ~> 0.0.63 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [helm_release.base](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [kubernetes_namespace.gateways](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [nullplatform_api_key.nullplatform-base-api-key](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/api_key) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [cluster\_name](#input\_cluster\_name) | n/a | `string` | n/a | yes |
+| [location](#input\_location) | n/a | `string` | n/a | yes |
+| [namespace](#input\_namespace) | Kubernetes namespace to agent run | `string` | `"nullplatform-tools"` | no |
+| [np\_api\_key](#input\_np\_api\_key) | Nullplatform API key for authentication | `string` | n/a | yes |
+| [nrn](#input\_nrn) | Identifier Nullplatform Resources Name | `string` | n/a | yes |
+| [nullplatform-base-helm-version](#input\_nullplatform-base-helm-version) | Helm chart version for the Nullplatform agent | `string` | `"2.12.0"` | no |
+| [project\_id](#input\_project\_id) | n/a | `string` | n/a | yes |
+
\ No newline at end of file
diff --git a/nullplatform/gcp/base/auth.tf b/nullplatform/gcp/base/auth.tf
new file mode 100644
index 0000000..08ba765
--- /dev/null
+++ b/nullplatform/gcp/base/auth.tf
@@ -0,0 +1,29 @@
+resource "nullplatform_api_key" "nullplatform-base-api-key" {
+ name = "NULLPLATFORM-BASE-API-KEY"
+
+ grants {
+ nrn = local.nrn_without_namespace
+ role_slug = "controlplane:agent"
+ }
+ grants {
+ nrn = local.nrn_without_namespace
+ role_slug = "developer"
+ }
+ grants {
+ nrn = local.nrn_without_namespace
+ role_slug = "ops"
+ }
+ grants {
+ nrn = local.nrn_without_namespace
+ role_slug = "secops"
+ }
+ grants {
+ nrn = local.nrn_without_namespace
+ role_slug = "secrets-reader"
+ }
+
+ tags {
+ key = "managed-by"
+ value = "IaC"
+ }
+}
\ No newline at end of file
diff --git a/nullplatform/gcp/base/locals.tf b/nullplatform/gcp/base/locals.tf
new file mode 100644
index 0000000..1c04d84
--- /dev/null
+++ b/nullplatform/gcp/base/locals.tf
@@ -0,0 +1,7 @@
+locals {
+ nrn_without_namespace = join(":", slice(split(":", var.nrn), 0, 2))
+ nullplatform_base_values = templatefile("${path.module}/templates/nullplatform-base-values.tmpl.yaml", {
+ api_key = nullplatform_api_key.nullplatform-base-api-key.api_key
+
+ })
+}
\ No newline at end of file
diff --git a/nullplatform/gcp/base/main.tf b/nullplatform/gcp/base/main.tf
new file mode 100644
index 0000000..64a09c6
--- /dev/null
+++ b/nullplatform/gcp/base/main.tf
@@ -0,0 +1,27 @@
+resource "kubernetes_namespace" "gateways" {
+ metadata { name = "gateways" }
+}
+
+resource "helm_release" "base" {
+ name = "nullplatform-base"
+ chart = "nullplatform-base"
+ repository = "https://nullplatform.github.io/helm-charts"
+ namespace = var.namespace
+ version = var.nullplatform-base-helm-version
+ create_namespace = true
+ disable_webhooks = true
+ force_update = true
+ wait = true
+ wait_for_jobs = true
+ timeout = 600
+ atomic = true
+ cleanup_on_fail = true
+ replace = false
+ recreate_pods = false
+ reset_values = false
+ reuse_values = false
+ dependency_update = true
+ max_history = 10
+
+ values = [local.nullplatform_base_values]
+}
\ No newline at end of file
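Review bot: In nullplatform/gcp/base/auth.tf the `NULLPLATFORM-BASE-API-KEY` key is granted `controlplane:agent`, `developer`, `ops`, `secops` and `secrets-reader` at `local.nrn_without_namespace`, which base/locals.tf builds from only the first two segments of the NRN. That same key is rendered into the Helm values (`apiKey: "${api_key}"` in the base values template), so anything able to read the release values or the Terraform state holds all five roles at that level. If the base chart does not need every role, trim the `grants` blocks to the ones it uses, and add a comment above the resource recording why each remaining role is required.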
diff --git a/nullplatform/gcp/base/providers.tf b/nullplatform/gcp/base/providers.tf
new file mode 100644
index 0000000..15a395e
--- /dev/null
+++ b/nullplatform/gcp/base/providers.tf
@@ -0,0 +1,34 @@
+terraform {
+ required_providers {
+ nullplatform = {
+ source = "nullplatform/nullplatform"
+ version = "~> 0.0.63"
+ }
+
+ kubernetes = {
+ source = "hashicorp/kubernetes"
+ version = "~> 2.25"
+ }
+ helm = {
+ source = "hashicorp/helm"
+ version = "~> 3.0"
+ }
+ }
+}
+
+provider "helm" {
+ kubernetes = {
+ config_path = var.kubeconfig_path
+ config_context = var.kube_context
+ }
+}
+provider "kubernetes" {
+ config_path = var.kubeconfig_path
+}
+
+
+
+provider "nullplatform" {
+
+ api_key = var.np_api_key
+}
\ No newline at end of file
diff --git a/nullplatform/gcp/base/templates/nullplatform-base-values.tmpl.yaml b/nullplatform/gcp/base/templates/nullplatform-base-values.tmpl.yaml
new file mode 100644
index 0000000..75265e6
--- /dev/null
+++ b/nullplatform/gcp/base/templates/nullplatform-base-values.tmpl.yaml
@@ -0,0 +1,25 @@
+global:
+ provider: "gke"
+ installGatewayV2Crd: true
+gateway:
+ http:
+ enabled: true
+ internal:
+ enabled: true
+logging:
+ enabled: true
+ prometheus:
+ enabled: true
+ exporterPort: 2021
+metricsServer:
+ enabled: false
+controlPlane:
+ enabled: true
+nullplatform:
+ apiKey: "${api_key}"
+gateways:
+ enabled: true
+gatewayAPI:
+ enabled: true
+ crds:
+ install: true
\ No newline at end of file
diff --git a/nullplatform/gcp/base/variables.tf b/nullplatform/gcp/base/variables.tf
new file mode 100644
index 0000000..1a7a615
--- /dev/null
+++ b/nullplatform/gcp/base/variables.tf
@@ -0,0 +1,32 @@ +variable "nullplatform-base-helm-version" { + description = "Helm chart version for the Nullplatform agent" + type = string + default = "2.12.0" +} + +variable "namespace" { + description = "Kubernetes namespace to agent run" + type = string + default = "nullplatform-tools" +} + +variable "nrn" { + description = "Identifier Nullplatform Resources Name" + type = string +} + +variable "np_api_key" { + type = string + sensitive = true + description = "Nullplatform API key for authentication" +} + + +variable "kubeconfig_path" { + type = string + default = "~/.kube/config" +} +variable "kube_context" { + type = string + default = null # o el nombre de tu context +} \ No newline at end of file diff --git a/nullplatform/gcp/cloud/README.md b/nullplatform/gcp/cloud/README.md new file mode 100644 index 0000000..07816ac --- /dev/null +++ b/nullplatform/gcp/cloud/README.md @@ -0,0 +1,36 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [nullplatform](#requirement\_nullplatform) | >= 0.0.67 | + +## Providers + +| Name | Version | +|------|---------| +| [nullplatform](#provider\_nullplatform) | >= 0.0.67 | + +## Resources + +| Name | Type | +|------|------| +| [nullplatform_provider_config.gcp](https://registry.terraform.io/providers/nullplatform/nullplatform/latest/docs/resources/provider_config) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [dimensions](#input\_dimensions) | Map of dimension values to configure Nullplatform | `map(string)` | `{}` | no | +| [domain\_name](#input\_domain\_name) | Domain name for the configuration | `string` | n/a | yes | +| [environment](#input\_environment) | Environment dimension value to which the configuration applies | `string` | n/a | yes | +| [environments](#input\_environments) | The list of environments | `list(string)` |
[
"development",
"staging",
"production"
]
| no | +| [include\_environment](#input\_include\_environment) | Whether to use Environment as a default dimension | `bool` | `true` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [np\_api\_key](#input\_np\_api\_key) | n/a | `string` | n/a | yes | +| [nrn](#input\_nrn) | Identifier Nullplatform Resources Name | `string` | n/a | yes | +| [private\_dns\_zone\_name](#input\_private\_dns\_zone\_name) | n/a | `string` | n/a | yes | +| [project\_id](#input\_project\_id) | n/a | `string` | n/a | yes | +| [public\_dns\_zone\_name](#input\_public\_dns\_zone\_name) | n/a | `string` | n/a | yes | +| [service\_account\_key](#input\_service\_account\_key) | n/a | `string` | n/a | yes | + \ No newline at end of file diff --git a/nullplatform/gcp/cloud/main.tf b/nullplatform/gcp/cloud/main.tf new file mode 100644 index 0000000..eaccd8f --- /dev/null +++ b/nullplatform/gcp/cloud/main.tf @@ -0,0 +1,32 @@ + + +resource "nullplatform_provider_config" "gcp" { + nrn = var.nrn + type = "google-cloud-configuration" + dimensions = var.dimensions + attributes = jsonencode({ + "project" : { + "id" : var.project_id + "location" : var.location + }, + "networking" : { + "domain_name" : var.domain_name, + "application_domain" : false + }, + + }) +} + + +resource "nullplatform_dimension" "environment" { + name = "Environment" + order = 1 + nrn = var.nrn +} + +resource "nullplatform_dimension_value" "environment_value" { + for_each = toset(var.environments) + dimension_id = nullplatform_dimension.environment.id + name = each.value + nrn = var.nrn +} diff --git a/nullplatform/gcp/cloud/providers.tf b/nullplatform/gcp/cloud/providers.tf new file mode 100644 index 0000000..a3f18aa --- /dev/null +++ b/nullplatform/gcp/cloud/providers.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + nullplatform = { + source = "nullplatform/nullplatform" + version = ">= 0.0.67" + } + } +} +provider "nullplatform" { + + api_key = var.np_api_key +} \ No newline at end of file 
diff --git a/nullplatform/gcp/cloud/variables.tf b/nullplatform/gcp/cloud/variables.tf
new file mode 100644
index 0000000..04c9b87
--- /dev/null
+++ b/nullplatform/gcp/cloud/variables.tf
@@ -0,0 +1,63 @@
+
+variable "nrn" {
+ description = "Identifier Nullplatform Resources Name"
+ type = string
+}
+
+variable "include_environment" {
+ description = "Whether to use Environment as a default dimension"
+ type = bool
+ default = true
+}
+
+variable "domain_name" {
+ description = "Domain name for the configuration"
+ type = string
+}
+
+
+
+
+variable "dimensions" {
+ description = "Map of dimension values to configure Nullplatform"
+ type = map(string)
+ default = {}
+}
+
+
+variable "environments" {
+ type = list(string)
+ description = "The list of environments"
+ default = ["development", "staging", "production"]
+}
+
+variable "location" {
+ type = string
+
+}
+
+
+variable "project_id" {
+ type = string
+
+}
+
+variable "np_api_key" {
+ type = string
+
+}
+
+variable "private_dns_zone_name" {
+ type = string
+ default = ""
+
+}
+variable "public_dns_zone_name" {
+ type = string
+ default = ""
+}
+variable "service_account_key" {
+ type = string
+ default = ""
+
+}
\ No newline at end of file
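Review bot: In nullplatform/gcp/cloud/variables.tf, `np_api_key` and `service_account_key` are declared without `sensitive = true`, unlike `np_api_key` in the agent and base modules, so their values can appear in plan output and error messages. Add `sensitive = true` to both blocks. `service_account_key`, `private_dns_zone_name` and `public_dns_zone_name` default to `""` while the module README lists them as required, and none of them, nor `include_environment`, is referenced in cloud/main.tf as shown in this diff; either wire them in or remove them. Most variables in this file also have no `description`.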