diff --git a/aws/alb/versions.tf b/aws/alb/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/alb/versions.tf
+++ b/aws/alb/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/asg-ebs/main.tf b/aws/asg-ebs/main.tf
index 11c34e9..8dfa419 100644
--- a/aws/asg-ebs/main.tf
+++ b/aws/asg-ebs/main.tf
@@ -1,10 +1,8 @@
 /*
  * Generate user_data from template file
  */
-data "template_file" "user_data" {
-  template = file("${path.module}/user-data.sh")
-
-  vars = {
+locals {
+  user_data = templatefile("${path.module}/user-data.sh", {
     ecs_cluster_name     = var.ecs_cluster_name
     additional_user_data = var.additional_user_data
     aws_region           = var.aws_region
@@ -18,7 +16,7 @@ data "template_file" "user_data" {
     ebs_mkfs_extraopts   = var.ebs_mkfs_extraopts
     ebs_fs_type          = var.ebs_fs_type
     ebs_mountopts        = var.ebs_mountopts
-  }
+  })
 }
 
 /*
@@ -37,7 +35,7 @@ resource "aws_launch_configuration" "as_conf" {
     volume_size = var.aws_instance["volume_size"]
   }
 
-  user_data = data.template_file.user_data.rendered
+  user_data = local.user_data
 
   lifecycle {
     create_before_destroy = true
diff --git a/aws/asg-ebs/versions.tf b/aws/asg-ebs/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/asg-ebs/versions.tf
+++ b/aws/asg-ebs/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/asg-efs/main.tf b/aws/asg-efs/main.tf
index a488459..f6672fe 100644
--- a/aws/asg-efs/main.tf
+++ b/aws/asg-efs/main.tf
@@ -1,15 +1,13 @@
 /*
  * Generate user_data from template file
  */
-data "template_file" "user_data" {
-  template = file("${path.module}/user-data.sh")
-
-  vars = {
+locals {
+  user_data = templatefile("${path.module}/user-data.sh", {
     ecs_cluster_name     = var.ecs_cluster_name
     efs_dns_name         = var.efs_dns_name
     mount_point          = var.mount_point
     additional_user_data = var.additional_user_data
-  }
+  })
 }
 
 /*
@@ -28,7 +26,7 @@ resource "aws_launch_configuration" "as_conf" {
     volume_size = var.aws_instance["volume_size"]
   }
 
-  user_data = data.template_file.user_data.rendered
+  user_data = local.user_data
 
   lifecycle {
     create_before_destroy = true
diff --git a/aws/asg-efs/versions.tf b/aws/asg-efs/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/asg-efs/versions.tf
+++ b/aws/asg-efs/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/asg/main.tf b/aws/asg/main.tf
index e3eaea5..4071307 100644
--- a/aws/asg/main.tf
+++ b/aws/asg/main.tf
@@ -1,13 +1,11 @@
 /*
  * Generate user_data from template file
  */
-data "template_file" "user_data" {
-  template = file("${path.module}/user-data.sh")
-
-  vars = {
+locals {
+  user_data = templatefile("${path.module}/user-data.sh", {
     ecs_cluster_name     = var.ecs_cluster_name
     additional_user_data = var.additional_user_data
-  }
+  })
 }
 
 /*
@@ -26,7 +24,7 @@ resource "aws_launch_configuration" "as_conf" {
     volume_size = var.aws_instance["volume_size"]
   }
 
-  user_data = data.template_file.user_data.rendered
+  user_data = local.user_data
 
   lifecycle {
     create_before_destroy = true
diff --git a/aws/asg/versions.tf b/aws/asg/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/asg/versions.tf
+++ b/aws/asg/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/cloudflare-sg/versions.tf b/aws/cloudflare-sg/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/cloudflare-sg/versions.tf
+++ b/aws/cloudflare-sg/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/cloudtrail/main.tf b/aws/cloudtrail/main.tf
index d33881a..779ef0a 100644
--- a/aws/cloudtrail/main.tf
+++ b/aws/cloudtrail/main.tf
@@ -1,38 +1,40 @@
 resource "aws_s3_bucket" "cloudtrail" {
   bucket        = var.s3_bucket_name
   force_destroy = true
+}
+
+resource "aws_s3_bucket_policy" "cloudtrail" {
+  bucket = aws_s3_bucket.cloudtrail.id
 
-  policy = <<POLICY
-{
-    "Version": "2012-10-17",
-    "Statement": [
+  policy = jsonencode(
+    {
+      Version = "2012-10-17"
+      Statement = [
         {
-            "Sid": "AWSCloudTrailAclCheck",
-            "Effect": "Allow",
-            "Principal": {
-              "Service": "cloudtrail.amazonaws.com"
-            },
-            "Action": "s3:GetBucketAcl",
-            "Resource": "arn:aws:s3:::${var.s3_bucket_name}"
+          Sid    = "AWSCloudTrailAclCheck"
+          Effect = "Allow"
+          Principal = {
+            Service = "cloudtrail.amazonaws.com"
+          }
+          Action   = "s3:GetBucketAcl"
+          Resource = "arn:aws:s3:::${var.s3_bucket_name}"
         },
         {
-            "Sid": "AWSCloudTrailWrite",
-            "Effect": "Allow",
-            "Principal": {
-              "Service": "cloudtrail.amazonaws.com"
-            },
-            "Action": "s3:PutObject",
-            "Resource": "arn:aws:s3:::${var.s3_bucket_name}/*",
-            "Condition": {
-                "StringEquals": {
-                    "s3:x-amz-acl": "bucket-owner-full-control"
-                }
+          Sid    = "AWSCloudTrailWrite"
+          Effect = "Allow"
+          Principal = {
+            Service = "cloudtrail.amazonaws.com"
+          }
+          Action   = "s3:PutObject"
+          Resource = "arn:aws:s3:::${var.s3_bucket_name}/*"
+          Condition = {
+            StringEquals = {
+              "s3:x-amz-acl" = "bucket-owner-full-control"
             }
-        }
-    ]
-}
-POLICY
-
+          }
+        },
+      ]
+  })
 }
 
 resource "aws_iam_user" "cloudtrail-s3" {
@@ -43,26 +45,24 @@ resource "aws_iam_user_policy" "cloudtrail-s3" {
   name = "cloudtrail-s3"
   user = aws_iam_user.cloudtrail-s3.name
 
-  policy = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
+  policy = jsonencode(
     {
-      "Effect": "Allow",
-      "Action": [
-        "s3:GetBucketPolicy",
-        "s3:GetObject",
-        "s3:ListBucket"
-      ],
-      "Resource": [
-          "${aws_s3_bucket.cloudtrail.arn}",
-          "${aws_s3_bucket.cloudtrail.arn}/*"
+      Version = "2012-10-17"
+      Statement = [
+        {
+          Effect = "Allow"
+          Action = [
+            "s3:GetBucketPolicy",
+            "s3:GetObject",
+            "s3:ListBucket",
+          ],
+          Resource = [
+            aws_s3_bucket.cloudtrail.arn,
+            "${aws_s3_bucket.cloudtrail.arn}/*",
+          ]
+        },
       ]
-    }
-  ]
-}
-EOF
-
+  })
 }
 
 resource "aws_cloudtrail" "cloudtrail" {
diff --git a/aws/cloudtrail/versions.tf b/aws/cloudtrail/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/cloudtrail/versions.tf
+++ b/aws/cloudtrail/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/ecr/main.tf b/aws/ecr/main.tf
index d3aa5fb..870a9f9 100644
--- a/aws/ecr/main.tf
+++ b/aws/ecr/main.tf
@@ -5,18 +5,16 @@ resource "aws_ecr_repository" "repo" {
   name = var.repo_name
 }
 
-data "template_file" "repo_policy" {
-  template = file("${path.module}/ecr-policy.json")
-
-  vars = {
+locals {
+  repo_policy = templatefile("${path.module}/ecr-policy.json", {
     ecsInstanceRole_arn = var.ecsInstanceRole_arn
     ecsServiceRole_arn  = var.ecsServiceRole_arn
     cd_user_arn         = var.cd_user_arn
-  }
+  })
 }
 
 resource "aws_ecr_repository_policy" "policy" {
   repository = aws_ecr_repository.repo.name
-  policy     = data.template_file.repo_policy.rendered
+  policy     = local.repo_policy
 }
 
diff --git a/aws/ecr/versions.tf b/aws/ecr/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/ecr/versions.tf
+++ b/aws/ecr/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/ecs/cluster/main.tf b/aws/ecs/cluster/main.tf
index 7e7598e..1a58cf2 100644
--- a/aws/ecs/cluster/main.tf
+++ b/aws/ecs/cluster/main.tf
@@ -27,13 +27,13 @@ resource "random_id" "code" {
 
 resource "aws_iam_role" "ecsInstanceRole" {
   name               = "ecsInstanceRole-${random_id.code.hex}"
-  assume_role_policy = var.ecsInstanceRoleAssumeRolePolicy
+  assume_role_policy = local.ecsInstanceRoleAssumeRolePolicy
 }
 
 resource "aws_iam_role_policy" "ecsInstanceRolePolicy" {
   name   = "ecsInstanceRolePolicy-${random_id.code.hex}"
   role   = aws_iam_role.ecsInstanceRole.id
-  policy = var.ecsInstancerolePolicy
+  policy = local.ecsInstancerolePolicy
 }
 
 /*
@@ -41,13 +41,13 @@ resource "aws_iam_role_policy" "ecsInstanceRolePolicy" {
  */
 resource "aws_iam_role" "ecsServiceRole" {
   name               = "ecsServiceRole-${random_id.code.hex}"
-  assume_role_policy = var.ecsServiceRoleAssumeRolePolicy
+  assume_role_policy = local.ecsServiceRoleAssumeRolePolicy
 }
 
 resource "aws_iam_role_policy" "ecsServiceRolePolicy" {
   name   = "ecsServiceRolePolicy-${random_id.code.hex}"
   role   = aws_iam_role.ecsServiceRole.id
-  policy = var.ecsServiceRolePolicy
+  policy = local.ecsServiceRolePolicy
 }
 
 resource "aws_iam_instance_profile" "ecsInstanceProfile" {
@@ -55,3 +55,80 @@ resource "aws_iam_instance_profile" "ecsInstanceProfile" {
   role = aws_iam_role.ecsInstanceRole.name
 }
 
+locals {
+  ecsInstanceRoleAssumeRolePolicy = jsonencode(
+    {
+      Version = "2008-10-17"
+      Statement = [
+        {
+          Sid    = ""
+          Effect = "Allow"
+          Principal = {
+            Service = "ec2.amazonaws.com"
+          }
+          Action = "sts:AssumeRole"
+        },
+      ]
+  })
+
+  ecsInstancerolePolicy = jsonencode(
+    {
+      Version = "2012-10-17"
+      Statement = [
+        {
+          Effect = "Allow"
+          Action = [
+            "ecs:CreateCluster",
+            "ecs:DeregisterContainerInstance",
+            "ecs:DiscoverPollEndpoint",
+            "ecs:Poll",
+            "ecs:RegisterContainerInstance",
+            "ecs:StartTelemetrySession",
+            "ecs:Submit*",
+            "ecr:GetAuthorizationToken",
+            "ecr:BatchCheckLayerAvailability",
+            "ecr:GetDownloadUrlForLayer",
+            "ecr:BatchGetImage",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents",
+          ]
+          Resource = "*"
+        }
+      ]
+  })
+
+  ecsServiceRoleAssumeRolePolicy = jsonencode(
+    {
+      Version = "2008-10-17"
+      Statement = [
+        {
+          Sid    = ""
+          Effect = "Allow"
+          Principal = {
+            Service = "ecs.amazonaws.com"
+          }
+          Action = "sts:AssumeRole"
+        },
+      ]
+  })
+
+  ecsServiceRolePolicy = jsonencode(
+    {
+      Version = "2012-10-17"
+      Statement = [
+        {
+          Effect = "Allow"
+          Action = [
+            "ec2:AuthorizeSecurityGroupIngress",
+            "ec2:Describe*",
+            "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+            "elasticloadbalancing:DeregisterTargets",
+            "elasticloadbalancing:Describe*",
+            "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
+            "elasticloadbalancing:RegisterTargets"
+          ]
+          Resource = "*"
+        },
+      ]
+  })
+}
diff --git a/aws/ecs/cluster/vars.tf b/aws/ecs/cluster/vars.tf
index a20f491..36348f7 100644
--- a/aws/ecs/cluster/vars.tf
+++ b/aws/ecs/cluster/vars.tf
@@ -16,102 +16,3 @@ variable "amiFilter" {
   type    = string
   default = "amzn2-ami-ecs-hvm-*-x86_64-ebs"
 }
-
-variable "ecsInstanceRoleAssumeRolePolicy" {
-  type = string
-
-  default = <<EOF
-{
-  "Version": "2008-10-17",
-  "Statement": [
-    {
-      "Sid": "",
-      "Effect": "Allow",
-      "Principal": {
-        "Service": "ec2.amazonaws.com"
-      },
-      "Action": "sts:AssumeRole"
-    }
-  ]
-}
-EOF
-
-}
-
-variable "ecsInstancerolePolicy" {
-  type = string
-
-  default = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Action": [
-        "ecs:CreateCluster",
-        "ecs:DeregisterContainerInstance",
-        "ecs:DiscoverPollEndpoint",
-        "ecs:Poll",
-        "ecs:RegisterContainerInstance",
-        "ecs:StartTelemetrySession",
-        "ecs:Submit*",
-        "ecr:GetAuthorizationToken",
-        "ecr:BatchCheckLayerAvailability",
-        "ecr:GetDownloadUrlForLayer",
-        "ecr:BatchGetImage",
-        "logs:CreateLogStream",
-        "logs:PutLogEvents"
-      ],
-      "Resource": "*"
-    }
-  ]
-}
-EOF
-
-}
-
-variable "ecsServiceRoleAssumeRolePolicy" {
-  type = string
-
-  default = <<EOF
-{
-  "Version": "2008-10-17",
-  "Statement": [
-    {
-      "Sid": "",
-      "Effect": "Allow",
-      "Principal": {
-        "Service": "ecs.amazonaws.com"
-      },
-      "Action": "sts:AssumeRole"
-    }
-  ]
-}
-EOF
-
-}
-
-variable "ecsServiceRolePolicy" {
-  default = <<EOF
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Action": [
-        "ec2:AuthorizeSecurityGroupIngress",
-        "ec2:Describe*",
-        "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
-        "elasticloadbalancing:DeregisterTargets",
-        "elasticloadbalancing:Describe*",
-        "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
-        "elasticloadbalancing:RegisterTargets"
-      ],
-      "Resource": "*"
-    }
-  ]
-}
-EOF
-
-}
-
diff --git a/aws/ecs/cluster/versions.tf b/aws/ecs/cluster/versions.tf
index ac97c6a..80b1c77 100644
--- a/aws/ecs/cluster/versions.tf
+++ b/aws/ecs/cluster/versions.tf
@@ -1,4 +1,15 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 2.1.0, < 4.0.0"
+    }
+  }
 }
diff --git a/aws/ecs/service-no-alb-with-volume/versions.tf b/aws/ecs/service-no-alb-with-volume/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/ecs/service-no-alb-with-volume/versions.tf
+++ b/aws/ecs/service-no-alb-with-volume/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/ecs/service-no-alb/versions.tf b/aws/ecs/service-no-alb/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/ecs/service-no-alb/versions.tf
+++ b/aws/ecs/service-no-alb/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/ecs/service-only-with-volume/versions.tf b/aws/ecs/service-only-with-volume/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/ecs/service-only-with-volume/versions.tf
+++ b/aws/ecs/service-only-with-volume/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/ecs/service-only/versions.tf b/aws/ecs/service-only/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/ecs/service-only/versions.tf
+++ b/aws/ecs/service-only/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/elasticache/memcache/versions.tf b/aws/elasticache/memcache/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/elasticache/memcache/versions.tf
+++ b/aws/elasticache/memcache/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/elasticache/redis/versions.tf b/aws/elasticache/redis/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/elasticache/redis/versions.tf
+++ b/aws/elasticache/redis/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/rds/mariadb/versions.tf b/aws/rds/mariadb/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/rds/mariadb/versions.tf
+++ b/aws/rds/mariadb/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/vpc-public-only/versions.tf b/aws/vpc-public-only/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/vpc-public-only/versions.tf
+++ b/aws/vpc-public-only/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/aws/vpc/versions.tf b/aws/vpc/versions.tf
index ac97c6a..a7f621e 100644
--- a/aws/vpc/versions.tf
+++ b/aws/vpc/versions.tf
@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+  }
 }
diff --git a/cloudflare/ips/versions.tf b/cloudflare/ips/versions.tf
index ac97c6a..5395a82 100644
--- a/cloudflare/ips/versions.tf
+++ b/cloudflare/ips/versions.tf
@@ -1,4 +1,15 @@
 
 terraform {
   required_version = ">= 0.12"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 2.0.0, < 5.0.0"
+    }
+    http = {
+      source  = "hashicorp/http"
+      version = ">= 1.1.0, < 3.0.0"
+    }
+  }
 }