diff --git a/.gitignore b/.gitignore
index fdc6a1bb..a35cbfa6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -62,4 +62,42 @@ deployments/kubehound/kubegraph/dsl/kubehound/target
 test/setup/test-cluster/RBAC/
 
 # poetry file
-poetry.lock
\ No newline at end of file
+poetry.lock
+
+###############################################################################
+# Terraform Files
+###############################################################################
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version 
+# control as they are data points which are potentially sensitive and subject 
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
\ No newline at end of file
diff --git a/datadog/.terraform.lock.hcl b/datadog/.terraform.lock.hcl
new file mode 100644
index 00000000..89127d90
--- /dev/null
+++ b/datadog/.terraform.lock.hcl
@@ -0,0 +1,23 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/datadog/datadog" {
+  version = "3.36.1"
+  hashes = [
+    "h1:nuyxJ6bneT4D9ye6PFoSzKTNJXZSU0vRIyklVjlde7g=",
+    "zh:0050a5da166dd0b0fbc8db886cf43f706bd05a855e904c0596d32f7ecee49d5c",
+    "zh:02914c69ea305b6e4600fff59d2214a9d75b6d1568a343f87c25cd91d01e68e3",
+    "zh:280de05a3c8c0fe901cb65746d70ef488cee7f63fc86c1b56a7788af8b9510d9",
+    "zh:2a3626924c9fa9a86ecbe8d7641a9c6c6f66f7a73fca3eb58322e37730f7b6dd",
+    "zh:42494ea79b906235a0f5266df60e43134eecad1fa43ab6f1895ec17cca870e59",
+    "zh:66c95e92c3c95a617abf12f2adefc6991567970bdc637f106a25079d488efdff",
+    "zh:6d9fd7ab5b60956f8b6603f2ebee911248e7936e1be128cda9bea2da6c3bf931",
+    "zh:7a50168c1bfb3f147ad3798becfeecad97981850ac3b2127c6754d0988d0694f",
+    "zh:8d8af038e47d8d27cef9a7bf449ea4392ec8152f3fbe2b4076ae1dd721bf97de",
+    "zh:b9975e865c2948b4d668d837b6ab106a2f8d315fb19de709595d17b77c91f4df",
+    "zh:be60425e49319cfdb99b67594f0464b5d6247ec19c715d9078f3c2c34c346ce3",
+    "zh:d9df5882f09aa8b2dc0b317a57a63a85a08603d8fcb9b6ecfc4a05be2f17d763",
+    "zh:dde4938d351a967d53aadf660cb40c6279e76fe99a58da6c0cbb1c5ce26f67da",
+    "zh:ea6f850ca6be07ab6f3cd29ac448789e876bbdc76240695a04f73a253d086fe5",
+  ]
+}
diff --git a/go.mod b/go.mod
index 3442b90e..e754e670 100644
--- a/go.mod
+++ b/go.mod
@@ -6,6 +6,8 @@ require (
 	github.com/DataDog/datadog-go/v5 v5.3.0
 	github.com/alitto/pond v1.8.3
 	github.com/apache/tinkerpop/gremlin-go/v3 v3.7.0
+	github.com/aws/aws-sdk-go-v2/config v1.25.5
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.44.0
 	github.com/go-playground/validator/v10 v10.19.0
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/spf13/afero v1.10.0
@@ -49,7 +51,6 @@ require (
 	github.com/aws/aws-sdk-go v1.48.3 // indirect
 	github.com/aws/aws-sdk-go-v2 v1.23.1 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.1 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.25.5 // indirect
 	github.com/aws/aws-sdk-go-v2/credentials v1.16.4 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.14.2 // indirect
@@ -61,7 +62,6 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.44.0 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sso v1.17.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.25.4 // indirect
diff --git a/static-analysis.datadog.yml b/static-analysis.datadog.yml
new file mode 100644
index 00000000..ca85da4a
--- /dev/null
+++ b/static-analysis.datadog.yml
@@ -0,0 +1,4 @@
+rulesets:
+  - go-best-practices
+  - go-security
+ignorePaths: []
diff --git a/test/setup/util.sh b/test/setup/util.sh
index 46cc4358..f56dab40 100644
--- a/test/setup/util.sh
+++ b/test/setup/util.sh
@@ -51,9 +51,9 @@ test_prequisites
 
 function load_env(){
     _printf_warn "Loading env vars from $SCRIPT_DIR/.config ..."
-    if [ -f $SCRIPT_DIR/.config ]; then
+    if [ -f "$SCRIPT_DIR/.config" ]; then
         set -a
-        source $SCRIPT_DIR/.config 
+        source "$SCRIPT_DIR/.config" 
         set +a
     fi
 }