diff --git a/terraform/modules/aks-rancher-k8s/main.tf b/terraform/modules/aks-rancher-k8s/main.tf
index 21221e41..7dcd3a4d 100644
--- a/terraform/modules/aks-rancher-k8s/main.tf
+++ b/terraform/modules/aks-rancher-k8s/main.tf
@@ -2,51 +2,52 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster_import.sh"]
 
   query = {
-    rancher_api_url    = "${var.rancher_api_url}"
-    rancher_access_key = "${var.rancher_access_key}"
-    rancher_secret_key = "${var.rancher_secret_key}"
-    name               = "${var.name}"
+    rancher_api_url    = var.rancher_api_url
+    rancher_access_key = var.rancher_access_key
+    rancher_secret_key = var.rancher_secret_key
+    name               = var.name
   }
 }
 
 provider "azurerm" {
-  subscription_id = "${var.azure_subscription_id}"
-  client_id       = "${var.azure_client_id}"
-  client_secret   = "${var.azure_client_secret}"
-  tenant_id       = "${var.azure_tenant_id}"
-  environment     = "${var.azure_environment}"
+  version         = "=2.0.0"
+  subscription_id = var.azure_subscription_id
+  client_id       = var.azure_client_id
+  client_secret   = var.azure_client_secret
+  tenant_id       = var.azure_tenant_id
+  environment     = var.azure_environment
 }
 
 resource "azurerm_resource_group" "resource_group" {
   name     = "${var.name}-resource_group"
-  location = "${var.azure_location}"
+  location = var.azure_location
 }
 
 resource "azurerm_kubernetes_cluster" "primary" {
-  name                = "${var.name}"
-  location            = "${azurerm_resource_group.resource_group.location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
-  dns_prefix          = "${var.name}"
+  name                = var.name
+  location            = azurerm_resource_group.resource_group.location
+  resource_group_name = azurerm_resource_group.resource_group.name
+  dns_prefix          = var.name
 
-  kubernetes_version = "${var.k8s_version}"
+  kubernetes_version = var.k8s_version
 
   linux_profile {
-    admin_username = "${var.azure_ssh_user}"
+    admin_username = var.azure_ssh_user
 
     ssh_key {
-      key_data = "${file(var.azure_public_key_path)}"
+      key_data = file(var.azure_public_key_path)
     }
   }
 
-  agent_pool_profile {
-    name    = "default"
-    count   = "${var.node_count}"
-    vm_size = "${var.azure_size}"
+  default_node_pool {
+    name       = "default"
+    node_count = var.node_count
+    vm_size    = var.azure_size
   }
 
   service_principal {
-    client_id     = "${var.azure_client_id}"
-    client_secret = "${var.azure_client_secret}"
+    client_id     = var.azure_client_id
+    client_secret = var.azure_client_secret
   }
 }
 
@@ -56,19 +57,23 @@ locals {
 
 # Bootstrap rancher in aks environment
 resource "null_resource" "import_rancher" {
-  triggers {
-    cluster = "${azurerm_kubernetes_cluster.primary.id}"
+  triggers = {
+    cluster = azurerm_kubernetes_cluster.primary.id
   }
 
   provisioner "local-exec" {
-    command = "${format("cat << EOF > %s \n%s\nEOF", local.kube_config_path, azurerm_kubernetes_cluster.primary.kube_config_raw)}"
+    command = format(
+      "cat << EOF > %s \n%s\nEOF",
+      local.kube_config_path,
+      azurerm_kubernetes_cluster.primary.kube_config_raw,
+    )
   }
 
   provisioner "local-exec" {
     command = "curl --insecure -sfL ${var.rancher_api_url}/v3/import/${data.external.rancher_cluster.result.registration_token}.yaml | kubectl apply -f -"
 
-    environment {
-      KUBECONFIG = "${local.kube_config_path}"
+    environment = {
+      KUBECONFIG = local.kube_config_path
     }
   }
 
@@ -76,3 +81,4 @@ resource "null_resource" "import_rancher" {
     command = "rm ${local.kube_config_path}"
   }
 }
+
diff --git a/terraform/modules/aks-rancher-k8s/outputs.tf b/terraform/modules/aks-rancher-k8s/outputs.tf
index 5af2b9e1..5239f359 100644
--- a/terraform/modules/aks-rancher-k8s/outputs.tf
+++ b/terraform/modules/aks-rancher-k8s/outputs.tf
@@ -1,11 +1,12 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
-}
\ No newline at end of file
+  value = data.external.rancher_cluster.result["ca_checksum"]
+}
+
diff --git a/terraform/modules/aks-rancher-k8s/variables.tf b/terraform/modules/aks-rancher-k8s/variables.tf
index 05bca0fa..cf1dc64c 100644
--- a/terraform/modules/aks-rancher-k8s/variables.tf
+++ b/terraform/modules/aks-rancher-k8s/variables.tf
@@ -14,21 +14,27 @@ variable "rancher_secret_key" {
   description = ""
 }
 
-variable "azure_subscription_id" {}
+variable "azure_subscription_id" {
+}
 
-variable "azure_client_id" {}
+variable "azure_client_id" {
+}
 
-variable "azure_client_secret" {}
+variable "azure_client_secret" {
+}
 
-variable "azure_tenant_id" {}
+variable "azure_tenant_id" {
+}
 
 variable "azure_environment" {
   default = "public"
 }
 
-variable "azure_location" {}
+variable "azure_location" {
+}
 
-variable "azure_size" {}
+variable "azure_size" {
+}
 
 variable "azure_ssh_user" {
   default = "root"
@@ -42,4 +48,6 @@ variable "k8s_version" {
   default = "1.9.6"
 }
 
-variable "node_count" {}
+variable "node_count" {
+}
+
diff --git a/terraform/modules/aks-rancher-k8s/versions.tf b/terraform/modules/aks-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/aks-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/aws-rancher-k8s-host/main.tf b/terraform/modules/aws-rancher-k8s-host/main.tf
index cfe45d84..477a2854 100644
--- a/terraform/modules/aws-rancher-k8s-host/main.tf
+++ b/terraform/modules/aws-rancher-k8s-host/main.tf
@@ -1,55 +1,53 @@
 provider "aws" {
-  access_key = "${var.aws_access_key}"
-  secret_key = "${var.aws_secret_key}"
-  region     = "${var.aws_region}"
+  version    = "~> 2.0"
+  access_key = var.aws_access_key
+  secret_key = var.aws_secret_key
+  region     = var.aws_region
 }
 
 locals {
-  rancher_node_role = "${element(keys(var.rancher_host_labels), 0)}"
+  rancher_node_role = element(keys(var.rancher_host_labels), 0)
 }
 
 data "template_file" "install_rancher_agent" {
-  template = "${file("${path.module}/files/install_rancher_agent.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_agent.sh.tpl")
 
-  vars {
-    hostname                  = "${var.hostname}"
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_api_url                    = "${var.rancher_api_url}"
-    rancher_cluster_registration_token = "${var.rancher_cluster_registration_token}"
-    rancher_cluster_ca_checksum        = "${var.rancher_cluster_ca_checksum}"
-    rancher_node_role                  = "${local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role}"
-    rancher_agent_image                = "${var.rancher_agent_image}"
-
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
-
-    volume_device_name = "${var.ebs_volume_device_name}"
-    volume_mount_path  = "${var.ebs_volume_mount_path}"
+  vars = {
+    hostname                           = var.hostname
+    docker_engine_install_url          = var.docker_engine_install_url
+    rancher_api_url                    = var.rancher_api_url
+    rancher_cluster_registration_token = var.rancher_cluster_registration_token
+    rancher_cluster_ca_checksum        = var.rancher_cluster_ca_checksum
+    rancher_node_role                  = local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role
+    rancher_agent_image                = var.rancher_agent_image
+    rancher_registry                   = var.rancher_registry
+    rancher_registry_username          = var.rancher_registry_username
+    rancher_registry_password          = var.rancher_registry_password
+    volume_device_name                 = var.ebs_volume_device_name
+    volume_mount_path                  = var.ebs_volume_mount_path
   }
 }
 
 resource "aws_instance" "host" {
-  ami                    = "${var.aws_ami_id}"
-  instance_type          = "${var.aws_instance_type}"
-  subnet_id              = "${var.aws_subnet_id}"
-  vpc_security_group_ids = ["${var.aws_security_group_id}"]
-  key_name               = "${var.aws_key_name}"
+  ami                    = var.aws_ami_id
+  instance_type          = var.aws_instance_type
+  subnet_id              = var.aws_subnet_id
+  vpc_security_group_ids = [var.aws_security_group_id]
+  key_name               = var.aws_key_name
 
   tags = {
-    Name = "${var.hostname}"
+    Name = var.hostname
   }
 
-  user_data = "${data.template_file.install_rancher_agent.rendered}"
+  user_data = data.template_file.install_rancher_agent.rendered
 }
 
 resource "aws_ebs_volume" "host_volume" {
-  count = "${var.ebs_volume_device_name != "" ? 1 : 0}"
+  count = var.ebs_volume_device_name != "" ? 1 : 0
 
-  availability_zone = "${aws_instance.host.availability_zone}"
-  type              = "${var.ebs_volume_type}"
-  size              = "${var.ebs_volume_size}"
+  availability_zone = aws_instance.host.availability_zone
+  type              = var.ebs_volume_type
+  size              = var.ebs_volume_size
 
   tags = {
     Name = "${var.hostname}-volume"
@@ -57,12 +55,13 @@ resource "aws_ebs_volume" "host_volume" {
 }
 
 resource "aws_volume_attachment" "host_volume_attachment" {
-  count = "${var.ebs_volume_device_name != "" ? 1 : 0}"
+  count = var.ebs_volume_device_name != "" ? 1 : 0
 
   # Forcing detach to prevent VolumeInUse error
   force_detach = true
 
-  device_name = "${var.ebs_volume_device_name}"
-  volume_id   = "${aws_ebs_volume.host_volume.id}"
-  instance_id = "${aws_instance.host.id}"
+  device_name = var.ebs_volume_device_name
+  volume_id   = aws_ebs_volume.host_volume[0].id
+  instance_id = aws_instance.host.id
 }
+
diff --git a/terraform/modules/aws-rancher-k8s-host/outputs.tf b/terraform/modules/aws-rancher-k8s-host/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/aws-rancher-k8s-host/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/aws-rancher-k8s-host/variables.tf b/terraform/modules/aws-rancher-k8s-host/variables.tf
index a4454990..98e70254 100644
--- a/terraform/modules/aws-rancher-k8s-host/variables.tf
+++ b/terraform/modules/aws-rancher-k8s-host/variables.tf
@@ -6,12 +6,14 @@ variable "rancher_api_url" {
   description = ""
 }
 
-variable "rancher_cluster_registration_token" {}
+variable "rancher_cluster_registration_token" {
+}
 
-variable "rancher_cluster_ca_checksum" {}
+variable "rancher_cluster_ca_checksum" {
+}
 
 variable "rancher_host_labels" {
-  type        = "map"
+  type        = map(string)
   description = "A map of key/value pairs that get passed to the rancher agent on the host."
 }
 
@@ -92,3 +94,4 @@ variable "ebs_volume_size" {
   default     = ""
   description = "The size of the volume, in GiBs."
 }
+
diff --git a/terraform/modules/aws-rancher-k8s-host/versions.tf b/terraform/modules/aws-rancher-k8s-host/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/aws-rancher-k8s-host/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/aws-rancher-k8s/main.tf b/terraform/modules/aws-rancher-k8s/main.tf
index a2f89fb1..d551e7c7 100644
--- a/terraform/modules/aws-rancher-k8s/main.tf
+++ b/terraform/modules/aws-rancher-k8s/main.tf
@@ -2,87 +2,88 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster.sh"]
 
   query = {
-    rancher_api_url       = "${var.rancher_api_url}"
-    rancher_access_key    = "${var.rancher_access_key}"
-    rancher_secret_key    = "${var.rancher_secret_key}"
-    name                  = "${var.name}"
-    k8s_version           = "${var.k8s_version}"
-    k8s_network_provider  = "${var.k8s_network_provider}"
-    k8s_registry          = "${var.k8s_registry}"
-    k8s_registry_username = "${var.k8s_registry_username}"
-    k8s_registry_password = "${var.k8s_registry_password}"
+    rancher_api_url       = var.rancher_api_url
+    rancher_access_key    = var.rancher_access_key
+    rancher_secret_key    = var.rancher_secret_key
+    name                  = var.name
+    k8s_version           = var.k8s_version
+    k8s_network_provider  = var.k8s_network_provider
+    k8s_registry          = var.k8s_registry
+    k8s_registry_username = var.k8s_registry_username
+    k8s_registry_password = var.k8s_registry_password
   }
 }
 
 /* Setup our aws provider */
 provider "aws" {
-  access_key = "${var.aws_access_key}"
-  secret_key = "${var.aws_secret_key}"
-  region     = "${var.aws_region}"
+  version    = "~> 2.0"
+  access_key = var.aws_access_key
+  secret_key = var.aws_secret_key
+  region     = var.aws_region
 }
 
 /* Define our vpc */
 resource "aws_vpc" "default" {
-  cidr_block = "${var.aws_vpc_cidr}"
+  cidr_block = var.aws_vpc_cidr
 
-  tags {
-    Name = "${var.name}"
+  tags = {
+    Name = var.name
   }
 }
 
 resource "aws_internet_gateway" "default" {
-  vpc_id = "${aws_vpc.default.id}"
+  vpc_id = aws_vpc.default.id
 }
 
 resource "aws_subnet" "public" {
-  vpc_id                  = "${aws_vpc.default.id}"
-  cidr_block              = "${var.aws_subnet_cidr}"
+  vpc_id                  = aws_vpc.default.id
+  cidr_block              = var.aws_subnet_cidr
   map_public_ip_on_launch = true
-  depends_on              = ["aws_internet_gateway.default"]
+  depends_on              = [aws_internet_gateway.default]
 
-  tags {
+  tags = {
     Name = "public"
   }
 }
 
 resource "aws_route_table" "public" {
-  vpc_id = "${aws_vpc.default.id}"
+  vpc_id = aws_vpc.default.id
 
   route {
     cidr_block = "0.0.0.0/0"
-    gateway_id = "${aws_internet_gateway.default.id}"
+    gateway_id = aws_internet_gateway.default.id
   }
 }
 
 resource "aws_route_table_association" "public" {
-  subnet_id      = "${aws_subnet.public.id}"
-  route_table_id = "${aws_route_table.public.id}"
+  subnet_id      = aws_subnet.public.id
+  route_table_id = aws_route_table.public.id
 }
 
 resource "aws_key_pair" "deployer" {
   // Only attempt to create the key pair if the public key was provided
-  count = "${var.aws_public_key_path != "" ? 1 : 0}"
+  count = var.aws_public_key_path != "" ? 1 : 0
 
-  key_name   = "${var.aws_key_name}"
-  public_key = "${file("${var.aws_public_key_path}")}"
+  key_name   = var.aws_key_name
+  public_key = file(var.aws_public_key_path)
 }
 
 # Firewall requirements taken from:
 # https://rancher.com/docs/rancher/v2.0/en/quick-start-guide/
 resource "aws_security_group" "rke_ports" {
-  name        = "${var.name}"
+  name        = var.name
   description = "Security group for rancher hosts in ${var.name} cluster"
-  vpc_id      = "${aws_vpc.default.id}"
+  vpc_id      = aws_vpc.default.id
 
   ingress {
-    from_port = "22"  # SSH
+    from_port = "22" # SSH
     to_port   = "22"
     protocol  = "tcp"
     self      = true
   }
 
   ingress {
-    from_port = "80"  # Canal
+    from_port = "80" # Canal
     to_port   = "80"
     protocol  = "tcp"
     self      = true
@@ -151,3 +152,4 @@ resource "aws_security_group" "rke_ports" {
     cidr_blocks = ["0.0.0.0/0"]
   }
 }
+
diff --git a/terraform/modules/aws-rancher-k8s/outputs.tf b/terraform/modules/aws-rancher-k8s/outputs.tf
index 88fa1f5f..1b33c47d 100644
--- a/terraform/modules/aws-rancher-k8s/outputs.tf
+++ b/terraform/modules/aws-rancher-k8s/outputs.tf
@@ -1,23 +1,24 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
+  value = data.external.rancher_cluster.result["ca_checksum"]
 }
 
 output "aws_subnet_id" {
-  value = "${aws_subnet.public.id}"
+  value = aws_subnet.public.id
 }
 
 output "aws_security_group_id" {
-  value = "${aws_security_group.rke_ports.id}"
+  value = aws_security_group.rke_ports.id
 }
 
 output "aws_key_name" {
-  value = "${var.aws_key_name}"
+  value = var.aws_key_name
 }
+
diff --git a/terraform/modules/aws-rancher-k8s/variables.tf b/terraform/modules/aws-rancher-k8s/variables.tf
index bcd06996..4ef64ecb 100644
--- a/terraform/modules/aws-rancher-k8s/variables.tf
+++ b/terraform/modules/aws-rancher-k8s/variables.tf
@@ -14,11 +14,11 @@ variable "rancher_secret_key" {
   description = ""
 }
 
-variable k8s_version {
+variable "k8s_version" {
   default = "v1.17.6-rancher2-1"
 }
 
-variable k8s_network_provider {
+variable "k8s_network_provider" {
   default = "flannel"
 }
 
@@ -87,3 +87,4 @@ variable "aws_public_key_path" {
 variable "aws_key_name" {
   description = "Name of the public key to be used for provisioning"
 }
+
diff --git a/terraform/modules/aws-rancher-k8s/versions.tf b/terraform/modules/aws-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/aws-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/aws-rancher/main.tf b/terraform/modules/aws-rancher/main.tf
index e090691d..62b4f88c 100644
--- a/terraform/modules/aws-rancher/main.tf
+++ b/terraform/modules/aws-rancher/main.tf
@@ -1,77 +1,78 @@
 provider "aws" {
-  access_key = "${var.aws_access_key}"
-  secret_key = "${var.aws_secret_key}"
-  region     = "${var.aws_region}"
+  version    = "~> 2.0"
+  access_key = var.aws_access_key
+  secret_key = var.aws_secret_key
+  region     = var.aws_region
 }
 
 resource "aws_vpc" "default" {
-  cidr_block = "${var.aws_vpc_cidr}"
+  cidr_block = var.aws_vpc_cidr
 
-  tags {
-    Name = "${var.name}"
+  tags = {
+    Name = var.name
   }
 }
 
 resource "aws_internet_gateway" "default" {
-  vpc_id = "${aws_vpc.default.id}"
+  vpc_id = aws_vpc.default.id
 }
 
 resource "aws_subnet" "public" {
-  vpc_id                  = "${aws_vpc.default.id}"
-  cidr_block              = "${var.aws_subnet_cidr}"
+  vpc_id                  = aws_vpc.default.id
+  cidr_block              = var.aws_subnet_cidr
   map_public_ip_on_launch = true
-  depends_on              = ["aws_internet_gateway.default"]
+  depends_on              = [aws_internet_gateway.default]
 
-  tags {
+  tags = {
     Name = "public"
   }
 }
 
 resource "aws_route_table" "public" {
-  vpc_id = "${aws_vpc.default.id}"
+  vpc_id = aws_vpc.default.id
 
   route {
     cidr_block = "0.0.0.0/0"
-    gateway_id = "${aws_internet_gateway.default.id}"
+    gateway_id = aws_internet_gateway.default.id
   }
 }
 
 resource "aws_route_table_association" "public" {
-  subnet_id      = "${aws_subnet.public.id}"
-  route_table_id = "${aws_route_table.public.id}"
+  subnet_id      = aws_subnet.public.id
+  route_table_id = aws_route_table.public.id
 }
 
 resource "aws_key_pair" "deployer" {
   // Only attempt to create the key pair if the public key was provided
-  count = "${var.aws_public_key_path != "" ? 1 : 0}"
+  count = var.aws_public_key_path != "" ? 1 : 0
 
-  key_name   = "${var.aws_key_name}"
-  public_key = "${file("${var.aws_public_key_path}")}"
+  key_name   = var.aws_key_name
+  public_key = file(var.aws_public_key_path)
 }
 
 # Firewall requirements taken from:
 # https://rancher.com/docs/rancher/v2.0/en/quick-start-guide/
 resource "aws_security_group" "rke_ports" {
-  name        = "${var.name}"
+  name        = var.name
   description = "Security group for rancher hosts in ${var.name} cluster"
-  vpc_id      = "${aws_vpc.default.id}"
+  vpc_id      = aws_vpc.default.id
 
   ingress {
-    from_port   = "22"          # SSH
+    from_port   = "22" # SSH
     to_port     = "22"
     protocol    = "tcp"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
   ingress {
-    from_port   = "80"          # Rancher UI
+    from_port   = "80" # Rancher UI
     to_port     = "80"
     protocol    = "tcp"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
   ingress {
-    from_port   = "443"         # Rancher UI
+    from_port   = "443" # Rancher UI
     to_port     = "443"
     protocol    = "tcp"
     cidr_blocks = ["0.0.0.0/0"]
@@ -86,101 +87,103 @@ resource "aws_security_group" "rke_ports" {
 }
 
 resource "aws_instance" "host" {
-  ami                    = "${var.aws_ami_id}"
-  instance_type          = "${var.aws_instance_type}"
-  subnet_id              = "${aws_subnet.public.id}"
-  vpc_security_group_ids = ["${aws_security_group.rke_ports.id}"]
-  key_name               = "${var.aws_key_name}"
+  ami                    = var.aws_ami_id
+  instance_type          = var.aws_instance_type
+  subnet_id              = aws_subnet.public.id
+  vpc_security_group_ids = [aws_security_group.rke_ports.id]
+  key_name               = var.aws_key_name
 
   tags = {
-    Name = "${var.name}"
+    Name = var.name
   }
 
-  user_data = "${data.template_file.install_docker.rendered}"
+  user_data = data.template_file.install_docker.rendered
 }
 
 locals {
-  rancher_master_id = "${aws_instance.host.id}"
-  rancher_master_ip = "${aws_instance.host.public_ip}"
-  ssh_user          = "${var.aws_ssh_user}"
-  key_path          = "${var.aws_private_key_path}"
+  rancher_master_id = aws_instance.host.id
+  rancher_master_ip = aws_instance.host.public_ip
+  ssh_user          = var.aws_ssh_user
+  key_path          = var.aws_private_key_path
 }
 
 data "template_file" "install_docker" {
-  template = "${file("${path.module}/files/install_docker_rancher.sh.tpl")}"
+  template = file("${path.module}/files/install_docker_rancher.sh.tpl")
 
-  vars {
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  vars = {
+    docker_engine_install_url = var.docker_engine_install_url
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 data "template_file" "install_rancher_master" {
-  template = "${file("${path.module}/files/install_rancher_master.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_master.sh.tpl")
 
-  vars {
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  vars = {
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 resource "null_resource" "install_rancher_master" {
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_rancher_master.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
 data "template_file" "setup_rancher_k8s" {
-  template = "${file("${path.module}/files/setup_rancher.sh.tpl")}"
+  template = file("${path.module}/files/setup_rancher.sh.tpl")
 
-  vars {
-    name                  = "${var.name}"
-    rancher_host          = "https://127.0.0.1"
-    host_registration_url = "https://${local.rancher_master_ip}"
-
-    rancher_admin_password = "${var.rancher_admin_password}"
+  vars = {
+    name                   = var.name
+    rancher_host           = "https://127.0.0.1"
+    host_registration_url  = "https://${local.rancher_master_ip}"
+    rancher_admin_password = var.rancher_admin_password
   }
 }
 
 resource "null_resource" "setup_rancher_k8s" {
-  depends_on = ["null_resource.install_rancher_master"]
+  depends_on = [null_resource.install_rancher_master]
 
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.setup_rancher_k8s.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
@@ -191,10 +194,11 @@ data "external" "rancher_server" {
   program = ["bash", "${path.module}/files/rancher_server.sh"]
 
   query = {
-    id        = "${null_resource.setup_rancher_k8s.id}" // used to create an implicit dependency
-    ssh_host  = "${local.rancher_master_ip}"
-    ssh_user  = "${local.ssh_user}"
-    key_path  = "${local.key_path}"
+    id        = null_resource.setup_rancher_k8s.id // used to create an implicit dependency
+    ssh_host  = local.rancher_master_ip
+    ssh_user  = local.ssh_user
+    key_path  = local.key_path
     file_path = "~/rancher_api_key"
   }
 }
+
diff --git a/terraform/modules/aws-rancher/outputs.tf b/terraform/modules/aws-rancher/outputs.tf
index 8e7cffce..18d41f93 100644
--- a/terraform/modules/aws-rancher/outputs.tf
+++ b/terraform/modules/aws-rancher/outputs.tf
@@ -3,9 +3,10 @@ output "rancher_url" {
 }
 
 output "rancher_access_key" {
-  value = "${lookup(data.external.rancher_server.result, "name")}"
+  value = data.external.rancher_server.result["name"]
 }
 
 output "rancher_secret_key" {
-  value = "${lookup(data.external.rancher_server.result, "token")}"
+  value = data.external.rancher_server.result["token"]
 }
+
diff --git a/terraform/modules/aws-rancher/variables.tf b/terraform/modules/aws-rancher/variables.tf
index 85baeff3..05263a4b 100644
--- a/terraform/modules/aws-rancher/variables.tf
+++ b/terraform/modules/aws-rancher/variables.tf
@@ -85,3 +85,4 @@ variable "aws_ssh_user" {
   default     = "ubuntu"
   description = "The ssh user to use."
 }
+
diff --git a/terraform/modules/aws-rancher/versions.tf b/terraform/modules/aws-rancher/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/aws-rancher/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/azure-rancher-k8s-host/main.tf b/terraform/modules/azure-rancher-k8s-host/main.tf
index 955a67dc..641b3879 100644
--- a/terraform/modules/azure-rancher-k8s-host/main.tf
+++ b/terraform/modules/azure-rancher-k8s-host/main.tf
@@ -1,88 +1,89 @@
 provider "azurerm" {
-  subscription_id = "${var.azure_subscription_id}"
-  client_id       = "${var.azure_client_id}"
-  client_secret   = "${var.azure_client_secret}"
-  tenant_id       = "${var.azure_tenant_id}"
-  environment     = "${var.azure_environment}"
+  version         = "=2.0.0"
+  subscription_id = var.azure_subscription_id
+  client_id       = var.azure_client_id
+  client_secret   = var.azure_client_secret
+  tenant_id       = var.azure_tenant_id
+  environment     = var.azure_environment
 }
 
 locals {
-  rancher_node_role = "${element(keys(var.rancher_host_labels), 0)}"
+  rancher_node_role = element(keys(var.rancher_host_labels), 0)
 }
 
 data "template_file" "install_rancher_agent" {
-  template = "${file("${path.module}/files/install_rancher_agent.sh.tpl")}"
-
-  vars {
-    hostname                  = "${var.hostname}"
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_api_url                    = "${var.rancher_api_url}"
-    rancher_cluster_registration_token = "${var.rancher_cluster_registration_token}"
-    rancher_cluster_ca_checksum        = "${var.rancher_cluster_ca_checksum}"
-    rancher_node_role                  = "${local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role}"
-    rancher_agent_image                = "${var.rancher_agent_image}"
-
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
-
-    disk_mount_path = "${var.azure_disk_mount_path}"
+  template = file("${path.module}/files/install_rancher_agent.sh.tpl")
+
+  vars = {
+    hostname                           = var.hostname
+    docker_engine_install_url          = var.docker_engine_install_url
+    rancher_api_url                    = var.rancher_api_url
+    rancher_cluster_registration_token = var.rancher_cluster_registration_token
+    rancher_cluster_ca_checksum        = var.rancher_cluster_ca_checksum
+    rancher_node_role                  = local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role
+    rancher_agent_image                = var.rancher_agent_image
+    rancher_registry                   = var.rancher_registry
+    rancher_registry_username          = var.rancher_registry_username
+    rancher_registry_password          = var.rancher_registry_password
+    disk_mount_path                    = var.azure_disk_mount_path
   }
 }
 
 resource "azurerm_public_ip" "public_ip" {
-  name                         = "${var.hostname}"
-  location                     = "${var.azure_location}"
-  resource_group_name          = "${var.azure_resource_group_name}"
-  public_ip_address_allocation = "dynamic"
+  name                = var.hostname
+  location            = var.azure_location
+  resource_group_name = var.azure_resource_group_name
+  allocation_method   = "Dynamic"
 }
 
 resource "azurerm_network_interface" "nic" {
-  name                = "${var.hostname}"
-  location            = "${var.azure_location}"
-  resource_group_name = "${var.azure_resource_group_name}"
-
-  network_security_group_id = "${var.azure_network_security_group_id}"
+  name                = var.hostname
+  location            = var.azure_location
+  resource_group_name = var.azure_resource_group_name
 
   ip_configuration {
     name                          = "testconfiguration1"
-    subnet_id                     = "${var.azure_subnet_id}"
+    subnet_id                     = var.azure_subnet_id
     private_ip_address_allocation = "dynamic"
-    public_ip_address_id          = "${azurerm_public_ip.public_ip.id}"
+    public_ip_address_id          = azurerm_public_ip.public_ip.id
   }
 }
 
+resource "azurerm_network_interface_security_group_association" "nic" {
+  network_interface_id      = "${azurerm_network_interface.nic.id}"
+  network_security_group_id = "${azurerm_network_security_group.firewall.id}"
+}
+
 resource "azurerm_managed_disk" "host_disk" {
-  count = "${var.azure_disk_mount_path == "" ? 0 : 1}"
+  count = var.azure_disk_mount_path == "" ? 0 : 1
 
   name                 = "${var.hostname}-managed-disk"
-  location             = "${var.azure_location}"
-  resource_group_name  = "${var.azure_resource_group_name}"
+  location             = var.azure_location
+  resource_group_name  = var.azure_resource_group_name
   storage_account_type = "Standard_LRS"
   create_option        = "Empty"
-  disk_size_gb         = "${var.azure_disk_size}"
+  disk_size_gb         = var.azure_disk_size
 }
 
 resource "azurerm_virtual_machine" "host" {
-  name                  = "${var.hostname}"
-  location              = "${var.azure_location}"
-  resource_group_name   = "${var.azure_resource_group_name}"
-  network_interface_ids = ["${azurerm_network_interface.nic.id}"]
-  vm_size               = "${var.azure_size}"
+  name                  = var.hostname
+  location              = var.azure_location
+  resource_group_name   = var.azure_resource_group_name
+  network_interface_ids = [azurerm_network_interface.nic.id]
+  vm_size               = var.azure_size
 
   delete_os_disk_on_termination = true
 
   # delete_data_disks_on_termination should be set to false
   # if the user chooses to attach a managed disk.
   # Otherwise, terraform will hang when trying to delete the managed disk.
-  delete_data_disks_on_termination = "${var.azure_disk_mount_path == ""}"
+  delete_data_disks_on_termination = var.azure_disk_mount_path == ""
 
   storage_image_reference {
-    publisher = "${var.azure_image_publisher}"
-    offer     = "${var.azure_image_offer}"
-    sku       = "${var.azure_image_sku}"
-    version   = "${var.azure_image_version}"
+    publisher = var.azure_image_publisher
+    offer     = var.azure_image_offer
+    sku       = var.azure_image_sku
+    version   = var.azure_image_version
   }
 
   storage_os_disk {
@@ -93,18 +94,27 @@ resource "azurerm_virtual_machine" "host" {
   }
 
   storage_data_disk {
-    name              = "${element(coalescelist(azurerm_managed_disk.host_disk.*.name, list("${var.hostname}-datadisk")), 0)}"
-    managed_disk_id   = "${element(coalescelist(azurerm_managed_disk.host_disk.*.id, list("")), 0)}"
+    name = element(
+      coalescelist(
+        azurerm_managed_disk.host_disk.*.name,
+        ["${var.hostname}-datadisk"],
+      ),
+      0,
+    )
+    managed_disk_id   = element(coalescelist(azurerm_managed_disk.host_disk.*.id, [""]), 0)
     managed_disk_type = "Standard_LRS"
-    create_option     = "${var.azure_disk_mount_path == "" ? "Empty" : "Attach"}"
+    create_option     = var.azure_disk_mount_path == "" ? "Empty" : "Attach"
     lun               = 0
-    disk_size_gb      = "${element(coalescelist(azurerm_managed_disk.host_disk.*.disk_size_gb, list("1023")), 0)}"
+    disk_size_gb = element(
+      coalescelist(azurerm_managed_disk.host_disk.*.disk_size_gb, ["1023"]),
+      0,
+    )
   }
 
   os_profile {
-    computer_name  = "${var.hostname}"
-    admin_username = "${var.azure_ssh_user}"
-    custom_data    = "${data.template_file.install_rancher_agent.rendered}"
+    computer_name  = var.hostname
+    admin_username = var.azure_ssh_user
+    custom_data    = data.template_file.install_rancher_agent.rendered
   }
 
   os_profile_linux_config {
@@ -112,7 +122,8 @@ resource "azurerm_virtual_machine" "host" {
 
     ssh_keys {
       path     = "/home/${var.azure_ssh_user}/.ssh/authorized_keys"
-      key_data = "${file(var.azure_public_key_path)}"
+      key_data = file(var.azure_public_key_path)
     }
   }
 }
+
diff --git a/terraform/modules/azure-rancher-k8s-host/outputs.tf b/terraform/modules/azure-rancher-k8s-host/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/azure-rancher-k8s-host/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/azure-rancher-k8s-host/variables.tf b/terraform/modules/azure-rancher-k8s-host/variables.tf
index eb1a696e..db8e2f0d 100644
--- a/terraform/modules/azure-rancher-k8s-host/variables.tf
+++ b/terraform/modules/azure-rancher-k8s-host/variables.tf
@@ -6,12 +6,14 @@ variable "rancher_api_url" {
   description = ""
 }
 
-variable "rancher_cluster_registration_token" {}
+variable "rancher_cluster_registration_token" {
+}
 
-variable "rancher_cluster_ca_checksum" {}
+variable "rancher_cluster_ca_checksum" {
+}
 
 variable "rancher_host_labels" {
-  type        = "map"
+  type        = map(string)
   description = "A map of key/value pairs that get passed to the rancher agent on the host."
 }
 
@@ -40,25 +42,33 @@ variable "docker_engine_install_url" {
   description = "The URL to the shell script to install the docker engine."
 }
 
-variable "azure_subscription_id" {}
+variable "azure_subscription_id" {
+}
 
-variable "azure_client_id" {}
+variable "azure_client_id" {
+}
 
-variable "azure_client_secret" {}
+variable "azure_client_secret" {
+}
 
-variable "azure_tenant_id" {}
+variable "azure_tenant_id" {
+}
 
 variable "azure_environment" {
   default = "public"
 }
 
-variable "azure_location" {}
+variable "azure_location" {
+}
 
-variable "azure_resource_group_name" {}
+variable "azure_resource_group_name" {
+}
 
-variable "azure_network_security_group_id" {}
+variable "azure_network_security_group_id" {
+}
 
-variable "azure_subnet_id" {}
+variable "azure_subnet_id" {
+}
 
 variable "azure_size" {
   default = "Standard_A0"
@@ -95,3 +105,4 @@ variable "azure_disk_mount_path" {
 variable "azure_disk_size" {
   default = ""
 }
+
diff --git a/terraform/modules/azure-rancher-k8s-host/versions.tf b/terraform/modules/azure-rancher-k8s-host/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/azure-rancher-k8s-host/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/azure-rancher-k8s/main.tf b/terraform/modules/azure-rancher-k8s/main.tf
index 7d913440..44399340 100644
--- a/terraform/modules/azure-rancher-k8s/main.tf
+++ b/terraform/modules/azure-rancher-k8s/main.tf
@@ -2,49 +2,50 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster.sh"]
 
   query = {
-    rancher_api_url       = "${var.rancher_api_url}"
-    rancher_access_key    = "${var.rancher_access_key}"
-    rancher_secret_key    = "${var.rancher_secret_key}"
-    name                  = "${var.name}"
-    k8s_version           = "${var.k8s_version}"
-    k8s_network_provider  = "${var.k8s_network_provider}"
-    k8s_registry          = "${var.k8s_registry}"
-    k8s_registry_username = "${var.k8s_registry_username}"
-    k8s_registry_password = "${var.k8s_registry_password}"
+    rancher_api_url       = var.rancher_api_url
+    rancher_access_key    = var.rancher_access_key
+    rancher_secret_key    = var.rancher_secret_key
+    name                  = var.name
+    k8s_version           = var.k8s_version
+    k8s_network_provider  = var.k8s_network_provider
+    k8s_registry          = var.k8s_registry
+    k8s_registry_username = var.k8s_registry_username
+    k8s_registry_password = var.k8s_registry_password
   }
 }
 
 provider "azurerm" {
-  subscription_id = "${var.azure_subscription_id}"
-  client_id       = "${var.azure_client_id}"
-  client_secret   = "${var.azure_client_secret}"
-  tenant_id       = "${var.azure_tenant_id}"
-  environment     = "${var.azure_environment}"
+  version         = "=2.0.0"
+  subscription_id = var.azure_subscription_id
+  client_id       = var.azure_client_id
+  client_secret   = var.azure_client_secret
+  tenant_id       = var.azure_tenant_id
+  environment     = var.azure_environment
 }
 
 resource "azurerm_resource_group" "resource_group" {
   name     = "${var.name}-resource_group"
-  location = "${var.azure_location}"
+  location = var.azure_location
 }
 
 resource "azurerm_virtual_network" "vnet" {
-  name                = "${var.azure_virtual_network_name}"
-  address_space       = ["${var.azure_virtual_network_address_space}"]
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = var.azure_virtual_network_name
+  address_space       = [var.azure_virtual_network_address_space]
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 resource "azurerm_subnet" "subnet" {
-  name                 = "${var.azure_subnet_name}"
-  resource_group_name  = "${azurerm_resource_group.resource_group.name}"
-  virtual_network_name = "${azurerm_virtual_network.vnet.name}"
-  address_prefix       = "${var.azure_subnet_address_prefix}"
+  name                 = var.azure_subnet_name
+  resource_group_name  = azurerm_resource_group.resource_group.name
+  virtual_network_name = azurerm_virtual_network.vnet.name
+  address_prefix       = var.azure_subnet_address_prefix
 }
 
 resource "azurerm_network_security_group" "firewall" {
-  name                = "${var.azurerm_network_security_group_name}"
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = var.azurerm_network_security_group_name
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 # Firewall requirements taken from:
@@ -72,6 +73,7 @@ resource "azurerm_network_security_rule" "rke_ports" {
   source_port_range           = "*"
   source_address_prefix       = "VirtualNetwork"
   destination_address_prefix  = "*"
-  resource_group_name         = "${azurerm_resource_group.resource_group.name}"
-  network_security_group_name = "${azurerm_network_security_group.firewall.name}"
+  resource_group_name         = azurerm_resource_group.resource_group.name
+  network_security_group_name = azurerm_network_security_group.firewall.name
 }
+
diff --git a/terraform/modules/azure-rancher-k8s/outputs.tf b/terraform/modules/azure-rancher-k8s/outputs.tf
index 66b09090..13d69843 100644
--- a/terraform/modules/azure-rancher-k8s/outputs.tf
+++ b/terraform/modules/azure-rancher-k8s/outputs.tf
@@ -1,23 +1,24 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
+  value = data.external.rancher_cluster.result["ca_checksum"]
 }
 
 output "azure_resource_group_name" {
-  value = "${azurerm_resource_group.resource_group.name}"
+  value = azurerm_resource_group.resource_group.name
 }
 
 output "azure_network_security_group_id" {
-  value = "${azurerm_network_security_group.firewall.id}"
+  value = azurerm_network_security_group.firewall.id
 }
 
 output "azure_subnet_id" {
-  value = "${azurerm_subnet.subnet.id}"
+  value = azurerm_subnet.subnet.id
 }
+
diff --git a/terraform/modules/azure-rancher-k8s/variables.tf b/terraform/modules/azure-rancher-k8s/variables.tf
index 1ab42218..b51a2ad9 100644
--- a/terraform/modules/azure-rancher-k8s/variables.tf
+++ b/terraform/modules/azure-rancher-k8s/variables.tf
@@ -14,11 +14,11 @@ variable "rancher_secret_key" {
   description = ""
 }
 
-variable k8s_version {
+variable "k8s_version" {
   default = "v1.17.6-rancher2-1"
 }
 
-variable k8s_network_provider {
+variable "k8s_network_provider" {
   default = "flannel"
 }
 
@@ -111,3 +111,4 @@ variable "azure_subnet_address_prefix" {
 variable "azurerm_network_security_group_name" {
   default = "k8s-firewall"
 }
+
diff --git a/terraform/modules/azure-rancher-k8s/versions.tf b/terraform/modules/azure-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/azure-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/azure-rancher/main.tf b/terraform/modules/azure-rancher/main.tf
index 3131d89e..0b85dccb 100644
--- a/terraform/modules/azure-rancher/main.tf
+++ b/terraform/modules/azure-rancher/main.tf
@@ -1,34 +1,35 @@
 provider "azurerm" {
-  subscription_id = "${var.azure_subscription_id}"
-  client_id       = "${var.azure_client_id}"
-  client_secret   = "${var.azure_client_secret}"
-  tenant_id       = "${var.azure_tenant_id}"
-  environment     = "${var.azure_environment}"
+  version         = "=2.0.0"
+  subscription_id = var.azure_subscription_id
+  client_id       = var.azure_client_id
+  client_secret   = var.azure_client_secret
+  tenant_id       = var.azure_tenant_id
+  environment     = var.azure_environment
 }
 
 resource "azurerm_resource_group" "resource_group" {
   name     = "${var.name}-resource_group"
-  location = "${var.azure_location}"
+  location = var.azure_location
 }
 
 resource "azurerm_virtual_network" "vnet" {
-  name                = "${var.azure_virtual_network_name}"
-  address_space       = ["${var.azure_virtual_network_address_space}"]
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = var.azure_virtual_network_name
+  address_space       = [var.azure_virtual_network_address_space]
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 resource "azurerm_subnet" "subnet" {
-  name                 = "${var.azure_subnet_name}"
-  resource_group_name  = "${azurerm_resource_group.resource_group.name}"
-  virtual_network_name = "${azurerm_virtual_network.vnet.name}"
-  address_prefix       = "${var.azure_subnet_address_prefix}"
+  name                 = var.azure_subnet_name
+  resource_group_name  = azurerm_resource_group.resource_group.name
+  virtual_network_name = azurerm_virtual_network.vnet.name
+  address_prefix       = var.azure_subnet_address_prefix
 }
 
 resource "azurerm_network_security_group" "firewall" {
-  name                = "${var.azurerm_network_security_group_name}"
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = var.azurerm_network_security_group_name
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 # Firewall requirements taken from:
@@ -49,46 +50,49 @@ resource "azurerm_network_security_rule" "rancher_ports" {
   source_port_range           = "*"
   source_address_prefix       = "*"
   destination_address_prefix  = "*"
-  resource_group_name         = "${azurerm_resource_group.resource_group.name}"
-  network_security_group_name = "${azurerm_network_security_group.firewall.name}"
+  resource_group_name         = azurerm_resource_group.resource_group.name
+  network_security_group_name = azurerm_network_security_group.firewall.name
 }
 
 resource "azurerm_public_ip" "public_ip" {
-  name                         = "${var.name}"
-  location                     = "${var.azure_location}"
-  resource_group_name          = "${azurerm_resource_group.resource_group.name}"
-  public_ip_address_allocation = "static"
+  name                = var.name
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
+  allocation_method   = "Static"
 }
 
 resource "azurerm_network_interface" "nic" {
-  name                = "${var.name}"
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
-
-  network_security_group_id = "${azurerm_network_security_group.firewall.id}"
+  name                = var.name
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 
   ip_configuration {
     name                          = "testconfiguration1"
-    subnet_id                     = "${azurerm_subnet.subnet.id}"
+    subnet_id                     = azurerm_subnet.subnet.id
     private_ip_address_allocation = "dynamic"
-    public_ip_address_id          = "${azurerm_public_ip.public_ip.id}"
+    public_ip_address_id          = azurerm_public_ip.public_ip.id
   }
 }
 
+resource "azurerm_network_interface_security_group_association" "nic" {
+  network_interface_id      = azurerm_network_interface.nic.id
+  network_security_group_id = azurerm_network_security_group.firewall.id
+}
+
 resource "azurerm_virtual_machine" "host" {
-  name                  = "${var.name}"
-  location              = "${var.azure_location}"
-  resource_group_name   = "${azurerm_resource_group.resource_group.name}"
-  network_interface_ids = ["${azurerm_network_interface.nic.id}"]
-  vm_size               = "${var.azure_size}"
+  name                  = var.name
+  location              = var.azure_location
+  resource_group_name   = azurerm_resource_group.resource_group.name
+  network_interface_ids = [azurerm_network_interface.nic.id]
+  vm_size               = var.azure_size
 
   delete_os_disk_on_termination = true
 
   storage_image_reference {
-    publisher = "${var.azure_image_publisher}"
-    offer     = "${var.azure_image_offer}"
-    sku       = "${var.azure_image_sku}"
-    version   = "${var.azure_image_version}"
+    publisher = var.azure_image_publisher
+    offer     = var.azure_image_offer
+    sku       = var.azure_image_sku
+    version   = var.azure_image_version
   }
 
   storage_os_disk {
@@ -99,9 +103,9 @@ resource "azurerm_virtual_machine" "host" {
   }
 
   os_profile {
-    computer_name  = "${var.name}"
-    admin_username = "${var.azure_ssh_user}"
-    custom_data    = "${data.template_file.install_docker.rendered}"
+    computer_name  = var.name
+    admin_username = var.azure_ssh_user
+    custom_data    = data.template_file.install_docker.rendered
   }
 
   os_profile_linux_config {
@@ -109,100 +113,102 @@ resource "azurerm_virtual_machine" "host" {
 
     ssh_keys {
       path     = "/home/${var.azure_ssh_user}/.ssh/authorized_keys"
-      key_data = "${file(var.azure_public_key_path)}"
+      key_data = file(var.azure_public_key_path)
     }
   }
 }
 
 data "azurerm_public_ip" "public_ip" {
-  depends_on = ["azurerm_public_ip.public_ip"]
+  depends_on = [azurerm_public_ip.public_ip]
 
-  name                = "${azurerm_public_ip.public_ip.name}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = azurerm_public_ip.public_ip.name
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 locals {
-  rancher_master_id = "${azurerm_virtual_machine.host.id}"
-  rancher_master_ip = "${data.azurerm_public_ip.public_ip.ip_address}"
-  ssh_user          = "${var.azure_ssh_user}"
-  key_path          = "${var.azure_private_key_path}"
+  rancher_master_id = azurerm_virtual_machine.host.id
+  rancher_master_ip = data.azurerm_public_ip.public_ip.ip_address
+  ssh_user          = var.azure_ssh_user
+  key_path          = var.azure_private_key_path
 }
 
 data "template_file" "install_docker" {
-  template = "${file("${path.module}/files/install_docker_rancher.sh.tpl")}"
-
-  vars {
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  template = file("${path.module}/files/install_docker_rancher.sh.tpl")
+
+  vars = {
+    docker_engine_install_url = var.docker_engine_install_url
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 data "template_file" "install_rancher_master" {
-  template = "${file("${path.module}/files/install_rancher_master.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_master.sh.tpl")
 
-  vars {
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  vars = {
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 resource "null_resource" "install_rancher_master" {
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_rancher_master.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
 data "template_file" "setup_rancher_k8s" {
-  template = "${file("${path.module}/files/setup_rancher.sh.tpl")}"
-
-  vars {
-    name                  = "${var.name}"
-    rancher_host          = "https://127.0.0.1"
-    host_registration_url = "https://${local.rancher_master_ip}"
+  template = file("${path.module}/files/setup_rancher.sh.tpl")
 
-    rancher_admin_password = "${var.rancher_admin_password}"
+  vars = {
+    name                   = var.name
+    rancher_host           = "https://127.0.0.1"
+    host_registration_url  = "https://${local.rancher_master_ip}"
+    rancher_admin_password = var.rancher_admin_password
   }
 }
 
 resource "null_resource" "setup_rancher_k8s" {
-  depends_on = ["null_resource.install_rancher_master"]
+  depends_on = [null_resource.install_rancher_master]
 
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.setup_rancher_k8s.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
@@ -213,10 +219,11 @@ data "external" "rancher_server" {
   program = ["bash", "${path.module}/files/rancher_server.sh"]
 
   query = {
-    id        = "${null_resource.setup_rancher_k8s.id}" // used to create an implicit dependency
-    ssh_host  = "${local.rancher_master_ip}"
-    ssh_user  = "${local.ssh_user}"
-    key_path  = "${local.key_path}"
+    id        = null_resource.setup_rancher_k8s.id // used to create an implicit dependency
+    ssh_host  = local.rancher_master_ip
+    ssh_user  = local.ssh_user
+    key_path  = local.key_path
     file_path = "~/rancher_api_key"
   }
 }
+
diff --git a/terraform/modules/azure-rancher/outputs.tf b/terraform/modules/azure-rancher/outputs.tf
index 8e7cffce..18d41f93 100644
--- a/terraform/modules/azure-rancher/outputs.tf
+++ b/terraform/modules/azure-rancher/outputs.tf
@@ -3,9 +3,10 @@ output "rancher_url" {
 }
 
 output "rancher_access_key" {
-  value = "${lookup(data.external.rancher_server.result, "name")}"
+  value = data.external.rancher_server.result["name"]
 }
 
 output "rancher_secret_key" {
-  value = "${lookup(data.external.rancher_server.result, "token")}"
+  value = data.external.rancher_server.result["token"]
 }
+
diff --git a/terraform/modules/azure-rancher/variables.tf b/terraform/modules/azure-rancher/variables.tf
index 71d296f9..5230d603 100644
--- a/terraform/modules/azure-rancher/variables.tf
+++ b/terraform/modules/azure-rancher/variables.tf
@@ -96,7 +96,8 @@ variable "azurerm_network_security_group_name" {
   default = "rancher-firewall"
 }
 
-variable "azure_resource_group_name" {}
+variable "azure_resource_group_name" {
+}
 
 variable "azure_size" {
   default = "Standard_A0"
@@ -113,3 +114,4 @@ variable "azure_public_key_path" {
 variable "azure_private_key_path" {
   default = "~/.ssh/id_rsa"
 }
+
diff --git a/terraform/modules/azure-rancher/versions.tf b/terraform/modules/azure-rancher/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/azure-rancher/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/azure-rke/main.tf b/terraform/modules/azure-rke/main.tf
index 4838d69f..be53c4d8 100644
--- a/terraform/modules/azure-rke/main.tf
+++ b/terraform/modules/azure-rke/main.tf
@@ -1,40 +1,41 @@
 provider "azurerm" {
-  subscription_id = "${var.azure_subscription_id}"
-  client_id       = "${var.azure_client_id}"
-  client_secret   = "${var.azure_client_secret}"
-  tenant_id       = "${var.azure_tenant_id}"
-  environment     = "${var.azure_environment}"
+  version         = "=2.0.0"
+  subscription_id = var.azure_subscription_id
+  client_id       = var.azure_client_id
+  client_secret   = var.azure_client_secret
+  tenant_id       = var.azure_tenant_id
+  environment     = var.azure_environment
 }
 
 resource "azurerm_resource_group" "resource_group" {
   name     = "${var.name}-resource_group"
-  location = "${var.azure_location}"
+  location = var.azure_location
 }
 
 resource "azurerm_virtual_network" "vnet" {
-  name                = "${var.azure_virtual_network_name}"
-  address_space       = ["${var.azure_virtual_network_address_space}"]
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = var.azure_virtual_network_name
+  address_space       = [var.azure_virtual_network_address_space]
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 resource "azurerm_subnet" "subnet" {
-  name                 = "${var.azure_subnet_name}"
-  resource_group_name  = "${azurerm_resource_group.resource_group.name}"
-  virtual_network_name = "${azurerm_virtual_network.vnet.name}"
-  address_prefix       = "${var.azure_subnet_address_prefix}"
+  name                 = var.azure_subnet_name
+  resource_group_name  = azurerm_resource_group.resource_group.name
+  virtual_network_name = azurerm_virtual_network.vnet.name
+  address_prefix       = var.azure_subnet_address_prefix
 }
 
 resource "azurerm_network_security_group" "firewall" {
-  name                = "${var.azurerm_network_security_group_name}"
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = var.azurerm_network_security_group_name
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 resource "azurerm_application_security_group" "asg" {
   name                = "${var.name}-asg"
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 # Firewall requirements taken from:
@@ -58,8 +59,8 @@ resource "azurerm_network_security_rule" "public_rancher_ports" {
   source_port_range     = "*"
   source_address_prefix = "Internet"
 
-  resource_group_name         = "${azurerm_resource_group.resource_group.name}"
-  network_security_group_name = "${azurerm_network_security_group.firewall.name}"
+  resource_group_name         = azurerm_resource_group.resource_group.name
+  network_security_group_name = azurerm_network_security_group.firewall.name
 }
 
 resource "azurerm_network_security_rule" "internal_rancher_ports_tcp" {
@@ -82,11 +83,11 @@ resource "azurerm_network_security_rule" "internal_rancher_ports_tcp" {
   source_port_range = "*"
 
   source_application_security_group_ids = [
-    "${azurerm_application_security_group.asg.id}",
+    azurerm_application_security_group.asg.id,
   ]
 
-  resource_group_name         = "${azurerm_resource_group.resource_group.name}"
-  network_security_group_name = "${azurerm_network_security_group.firewall.name}"
+  resource_group_name         = azurerm_resource_group.resource_group.name
+  network_security_group_name = azurerm_network_security_group.firewall.name
 }
 
 resource "azurerm_network_security_rule" "internal_rancher_ports_udp" {
@@ -105,72 +106,74 @@ resource "azurerm_network_security_rule" "internal_rancher_ports_udp" {
   source_port_range = "*"
 
   source_application_security_group_ids = [
-    "${azurerm_application_security_group.asg.id}",
+    azurerm_application_security_group.asg.id,
   ]
 
-  resource_group_name         = "${azurerm_resource_group.resource_group.name}"
-  network_security_group_name = "${azurerm_network_security_group.firewall.name}"
+  resource_group_name         = azurerm_resource_group.resource_group.name
+  network_security_group_name = azurerm_network_security_group.firewall.name
 }
 
 resource "azurerm_public_ip" "public_ip" {
-  count = "${var.node_count}"
+  count = var.node_count
 
-  name                         = "${var.name}-${count.index}"
-  location                     = "${var.azure_location}"
-  resource_group_name          = "${azurerm_resource_group.resource_group.name}"
-  public_ip_address_allocation = "static"
+  name                = "${var.name}-${count.index}"
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
+  allocation_method   = "Static"
 }
 
 resource "azurerm_network_interface" "nic" {
-  count = "${var.node_count}"
+  count = var.node_count
 
   name                = "${var.name}-${count.index}"
-  location            = "${var.azure_location}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
-
-  network_security_group_id = "${azurerm_network_security_group.firewall.id}"
+  location            = var.azure_location
+  resource_group_name = azurerm_resource_group.resource_group.name
 
   ip_configuration {
-    name                          = "${var.name}-${count.index}-ip"
-    subnet_id                     = "${azurerm_subnet.subnet.id}"
-    private_ip_address_allocation = "dynamic"
-    public_ip_address_id          = "${element(azurerm_public_ip.public_ip.*.id, count.index)}"
-
-    application_security_group_ids = [
-      "${azurerm_application_security_group.asg.id}",
-    ]
+    name                 = "${var.name}-${count.index}-ip"
+    subnet_id            = azurerm_subnet.subnet.id
+    public_ip_address_id = element(azurerm_public_ip.public_ip.*.id, count.index)
   }
 }
 
-data "template_file" "install_docker" {
-  template = "${file("${path.module}/files/install_docker_rancher.sh.tpl")}"
+resource "azurerm_network_interface_security_group_association" "nic" {
+  network_interface_id      = azurerm_network_interface.nic[0].id
+  network_security_group_id = azurerm_network_security_group.firewall.id
+}
 
-  vars {
-    docker_engine_install_url = "${var.docker_engine_install_url}"
+resource "azurerm_network_interface_application_security_group_association" "nic" {
+  application_security_group_id = azurerm_application_security_group.asg.id
+  network_interface_id          = azurerm_network_interface.nic[0].id
+}
 
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+data "template_file" "install_docker" {
+  template = file("${path.module}/files/install_docker_rancher.sh.tpl")
+
+  vars = {
+    docker_engine_install_url = var.docker_engine_install_url
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 resource "azurerm_virtual_machine" "host" {
-  count = "${var.node_count}"
+  count = var.node_count
 
   name                  = "${var.name}-${count.index}"
-  location              = "${var.azure_location}"
-  resource_group_name   = "${azurerm_resource_group.resource_group.name}"
-  network_interface_ids = ["${element(azurerm_network_interface.nic.*.id, count.index)}"]
-  vm_size               = "${var.azure_size}"
+  location              = var.azure_location
+  resource_group_name   = azurerm_resource_group.resource_group.name
+  network_interface_ids = [element(azurerm_network_interface.nic.*.id, count.index)]
+  vm_size               = var.azure_size
 
   delete_os_disk_on_termination = true
 
   storage_image_reference {
-    publisher = "${var.azure_image_publisher}"
-    offer     = "${var.azure_image_offer}"
-    sku       = "${var.azure_image_sku}"
-    version   = "${var.azure_image_version}"
+    publisher = var.azure_image_publisher
+    offer     = var.azure_image_offer
+    sku       = var.azure_image_sku
+    version   = var.azure_image_version
   }
 
   storage_os_disk {
@@ -182,8 +185,8 @@ resource "azurerm_virtual_machine" "host" {
 
   os_profile {
     computer_name  = "${var.name}-${count.index}"
-    admin_username = "${var.azure_ssh_user}"
-    custom_data    = "${data.template_file.install_docker.rendered}"
+    admin_username = var.azure_ssh_user
+    custom_data    = data.template_file.install_docker.rendered
   }
 
   os_profile_linux_config {
@@ -191,62 +194,75 @@ resource "azurerm_virtual_machine" "host" {
 
     ssh_keys {
       path     = "/home/${var.azure_ssh_user}/.ssh/authorized_keys"
-      key_data = "${file(var.azure_public_key_path)}"
+      key_data = file(var.azure_public_key_path)
     }
   }
 }
 
 data "azurerm_public_ip" "public_ip" {
-  depends_on = ["azurerm_public_ip.public_ip"]
+  depends_on = [azurerm_public_ip.public_ip]
 
-  count = "${var.node_count}"
+  count = var.node_count
 
-  name                = "${element(azurerm_public_ip.public_ip.*.name, count.index)}"
-  resource_group_name = "${azurerm_resource_group.resource_group.name}"
+  name                = element(azurerm_public_ip.public_ip.*.name, count.index)
+  resource_group_name = azurerm_resource_group.resource_group.name
 }
 
 data "template_file" "wait_for_docker_install" {
-  template = "${file("${path.module}/files/wait_for_docker_install.sh")}"
+  template = file("${path.module}/files/wait_for_docker_install.sh")
 }
 
 resource "null_resource" "wait_for_docker_install" {
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    node_ids = "${join(",", azurerm_virtual_machine.host.*.id)}"
+  triggers = {
+    node_ids = join(",", azurerm_virtual_machine.host.*.id)
   }
 
-  count = "${var.node_count}"
+  count = var.node_count
 
   connection {
     type        = "ssh"
-    user        = "${var.azure_ssh_user}"
-    host        = "${element(data.azurerm_public_ip.public_ip.*.ip_address, count.index)}"
-    private_key = "${file(var.azure_private_key_path)}"
+    user        = var.azure_ssh_user
+    host        = element(data.azurerm_public_ip.public_ip.*.ip_address, count.index)
+    private_key = file(var.azure_private_key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.wait_for_docker_install.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
-data rke_node_parameter "nodes" {
-  count = "${var.node_count}"
-
-  internal_address = "${element(azurerm_network_interface.nic.*.private_ip_address, count.index)}"
-  address          = "${element(data.azurerm_public_ip.public_ip.*.ip_address, count.index)}"
-  user             = "${var.azure_ssh_user}"
-  role             = ["controlplane", "etcd", "worker"]
-  ssh_key          = "${file(var.azure_private_key_path)}"
-}
+resource "rke_cluster" "cluster" {
+  count = var.node_count
+
+  nodes {
+    internal_address = element(
+      azurerm_network_interface.nic.*.private_ip_address,
+      count.index,
+    )
+    address = element(data.azurerm_public_ip.public_ip.*.ip_address, count.index)
+    user    = var.azure_ssh_user
+    role    = ["controlplane", "etcd", "worker"]
+    ssh_key = file(var.azure_private_key_path)
+  }
 
-resource rke_cluster "cluster" {
-  depends_on = ["null_resource.wait_for_docker_install"]
+  depends_on = [null_resource.wait_for_docker_install]
 
-  nodes_conf = ["${data.rke_node_parameter.nodes.*.json}"]
+  # TF-UPGRADE-TODO: In Terraform v0.10 and earlier, it was sometimes necessary to
+  # force an interpolation expression to be interpreted as a list by wrapping it
+  # in an extra set of list brackets. That form was supported for compatibility in
+  # v0.11, but is no longer supported in Terraform v0.12.
+  #
+  # If the expression in the following list itself returns a list, remove the
+  # brackets to avoid interpretation as a list of lists. If the expression
+  # returns a single list item then leave it as-is and remove this TODO comment.
+  nodes_conf = [data.rke_node_parameter.nodes.*.json]
 
-  ingress = {
+  ingress {
     provider = "nginx"
 
     extra_args = {
@@ -358,38 +374,40 @@ spec:
         - containerPort: 443
           protocol: TCP
 EOL
+
 }
 
 data "template_file" "setup_rancher_k8s" {
-  template = "${file("${path.module}/files/setup_rancher.sh.tpl")}"
+  template = file("${path.module}/files/setup_rancher.sh.tpl")
 
-  vars {
-    name         = "${var.name}"
-    fqdn         = "${var.fqdn}"
-    rancher_host = "https://${var.fqdn}"
-
-    rancher_admin_password = "${var.rancher_admin_password}"
+  vars = {
+    name                   = var.name
+    fqdn                   = var.fqdn
+    rancher_host           = "https://${var.fqdn}"
+    rancher_admin_password = var.rancher_admin_password
   }
 }
 
 resource "null_resource" "setup_rancher_k8s" {
-  depends_on = ["rke_cluster.cluster"]
+  depends_on = [rke_cluster.cluster]
 
-  triggers {
-    node_id = "${azurerm_virtual_machine.host.0.id}"
+  triggers = {
+    node_id = azurerm_virtual_machine.host[0].id
   }
 
   connection {
     type        = "ssh"
-    user        = "${var.azure_ssh_user}"
-    host        = "${data.azurerm_public_ip.public_ip.0.ip_address}"
-    private_key = "${file(var.azure_private_key_path)}"
+    user        = var.azure_ssh_user
+    host        = data.azurerm_public_ip.public_ip[0].ip_address
+    private_key = file(var.azure_private_key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.setup_rancher_k8s.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
@@ -400,10 +418,11 @@ data "external" "rancher_server" {
   program = ["bash", "${path.module}/files/rancher_server.sh"]
 
   query = {
-    id        = "${null_resource.setup_rancher_k8s.id}"            // used to create an implicit dependency
-    ssh_host  = "${data.azurerm_public_ip.public_ip.0.ip_address}"
-    ssh_user  = "${var.azure_ssh_user}"
-    key_path  = "${var.azure_private_key_path}"
+    id        = null_resource.setup_rancher_k8s.id // used to create an implicit dependency
+    ssh_host  = data.azurerm_public_ip.public_ip[0].ip_address
+    ssh_user  = var.azure_ssh_user
+    key_path  = var.azure_private_key_path
     file_path = "~/rancher_api_key"
   }
 }
+
diff --git a/terraform/modules/azure-rke/outputs.tf b/terraform/modules/azure-rke/outputs.tf
index bf90bc0e..41e8a690 100644
--- a/terraform/modules/azure-rke/outputs.tf
+++ b/terraform/modules/azure-rke/outputs.tf
@@ -3,19 +3,20 @@ output "rancher_url" {
 }
 
 output "rancher_access_key" {
-  value = "${lookup(data.external.rancher_server.result, "name")}"
+  value = data.external.rancher_server.result["name"]
 }
 
 output "rancher_secret_key" {
-  value = "${lookup(data.external.rancher_server.result, "token")}"
+  value = data.external.rancher_server.result["token"]
 }
 
 output "rke_cluster_yaml" {
   sensitive = true
-  value     = "${rke_cluster.cluster.rke_cluster_yaml}"
+  value     = rke_cluster.cluster[0].rke_cluster_yaml
 }
 
 output "kube_config_yaml" {
   sensitive = true
-  value     = "${rke_cluster.cluster.kube_config_yaml}"
+  value     = rke_cluster.cluster[0].kube_config_yaml
 }
+
diff --git a/terraform/modules/azure-rke/variables.tf b/terraform/modules/azure-rke/variables.tf
index f376ace8..e84dd2fa 100644
--- a/terraform/modules/azure-rke/variables.tf
+++ b/terraform/modules/azure-rke/variables.tf
@@ -100,7 +100,8 @@ variable "azurerm_network_security_group_name" {
   default = "rancher-firewall"
 }
 
-variable "azure_resource_group_name" {}
+variable "azure_resource_group_name" {
+}
 
 variable "azure_size" {
   default = "Standard_A0"
@@ -118,8 +119,12 @@ variable "azure_private_key_path" {
   default = "~/.ssh/id_rsa"
 }
 
-variable "fqdn" {}
+variable "fqdn" {
+}
 
-variable "tls_cert_path" {}
+variable "tls_cert_path" {
+}
+
+variable "tls_private_key_path" {
+}
 
-variable "tls_private_key_path" {}
diff --git a/terraform/modules/azure-rke/versions.tf b/terraform/modules/azure-rke/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/azure-rke/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/bare-metal-rancher-k8s-host/main.tf b/terraform/modules/bare-metal-rancher-k8s-host/main.tf
index 6a51c4fe..ec8cd6c1 100644
--- a/terraform/modules/bare-metal-rancher-k8s-host/main.tf
+++ b/terraform/modules/bare-metal-rancher-k8s-host/main.tf
@@ -1,41 +1,42 @@
 locals {
-  rancher_node_role = "${element(keys(var.rancher_host_labels), 0)}"
+  rancher_node_role = element(keys(var.rancher_host_labels), 0)
 }
 
 data "template_file" "install_rancher_agent" {
-  template = "${file("${path.module}/files/install_rancher_agent.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_agent.sh.tpl")
 
-  vars {
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_api_url                    = "${var.rancher_api_url}"
-    rancher_cluster_registration_token = "${var.rancher_cluster_registration_token}"
-    rancher_cluster_ca_checksum        = "${var.rancher_cluster_ca_checksum}"
-    rancher_node_role                  = "${local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role}"
-    rancher_agent_image                = "${var.rancher_agent_image}"
-
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  vars = {
+    docker_engine_install_url          = var.docker_engine_install_url
+    rancher_api_url                    = var.rancher_api_url
+    rancher_cluster_registration_token = var.rancher_cluster_registration_token
+    rancher_cluster_ca_checksum        = var.rancher_cluster_ca_checksum
+    rancher_node_role                  = local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role
+    rancher_agent_image                = var.rancher_agent_image
+    rancher_registry                   = var.rancher_registry
+    rancher_registry_username          = var.rancher_registry_username
+    rancher_registry_password          = var.rancher_registry_password
   }
 }
 
 resource "null_resource" "install_rancher_agent" {
-  triggers {
-    host = "${var.host}"
+  triggers = {
+    host = var.host
   }
 
   connection {
     type         = "ssh"
-    user         = "${var.ssh_user}"
-    bastion_host = "${var.bastion_host}"
-    host         = "${var.host}"
-    private_key  = "${file(var.key_path)}"
+    user         = var.ssh_user
+    bastion_host = var.bastion_host
+    host         = var.host
+    private_key  = file(var.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_rancher_agent.rendered}
-      EOF
+      
+EOF
+
   }
 }
+
diff --git a/terraform/modules/bare-metal-rancher-k8s-host/outputs.tf b/terraform/modules/bare-metal-rancher-k8s-host/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/bare-metal-rancher-k8s-host/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/bare-metal-rancher-k8s-host/variables.tf b/terraform/modules/bare-metal-rancher-k8s-host/variables.tf
index ce5e0b08..f49a43b8 100644
--- a/terraform/modules/bare-metal-rancher-k8s-host/variables.tf
+++ b/terraform/modules/bare-metal-rancher-k8s-host/variables.tf
@@ -6,12 +6,14 @@ variable "rancher_api_url" {
   description = ""
 }
 
-variable "rancher_cluster_registration_token" {}
+variable "rancher_cluster_registration_token" {
+}
 
-variable "rancher_cluster_ca_checksum" {}
+variable "rancher_cluster_ca_checksum" {
+}
 
 variable "rancher_host_labels" {
-  type        = "map"
+  type        = map(string)
   description = "A map of key/value pairs that get passed to the rancher agent on the host."
 }
 
@@ -58,3 +60,4 @@ variable "key_path" {
   default     = "~/.ssh/id_rsa"
   description = ""
 }
+
diff --git a/terraform/modules/bare-metal-rancher-k8s-host/versions.tf b/terraform/modules/bare-metal-rancher-k8s-host/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/bare-metal-rancher-k8s-host/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/bare-metal-rancher-k8s/main.tf b/terraform/modules/bare-metal-rancher-k8s/main.tf
index f8df3785..385b750d 100644
--- a/terraform/modules/bare-metal-rancher-k8s/main.tf
+++ b/terraform/modules/bare-metal-rancher-k8s/main.tf
@@ -2,14 +2,15 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster.sh"]
 
   query = {
-    rancher_api_url       = "${var.rancher_api_url}"
-    rancher_access_key    = "${var.rancher_access_key}"
-    rancher_secret_key    = "${var.rancher_secret_key}"
-    name                  = "${var.name}"
-    k8s_version           = "${var.k8s_version}"
-    k8s_network_provider  = "${var.k8s_network_provider}"
-    k8s_registry          = "${var.k8s_registry}"
-    k8s_registry_username = "${var.k8s_registry_username}"
-    k8s_registry_password = "${var.k8s_registry_password}"
+    rancher_api_url       = var.rancher_api_url
+    rancher_access_key    = var.rancher_access_key
+    rancher_secret_key    = var.rancher_secret_key
+    name                  = var.name
+    k8s_version           = var.k8s_version
+    k8s_network_provider  = var.k8s_network_provider
+    k8s_registry          = var.k8s_registry
+    k8s_registry_username = var.k8s_registry_username
+    k8s_registry_password = var.k8s_registry_password
   }
 }
+
diff --git a/terraform/modules/bare-metal-rancher-k8s/outputs.tf b/terraform/modules/bare-metal-rancher-k8s/outputs.tf
index 5af2b9e1..5239f359 100644
--- a/terraform/modules/bare-metal-rancher-k8s/outputs.tf
+++ b/terraform/modules/bare-metal-rancher-k8s/outputs.tf
@@ -1,11 +1,12 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
-}
\ No newline at end of file
+  value = data.external.rancher_cluster.result["ca_checksum"]
+}
+
diff --git a/terraform/modules/bare-metal-rancher-k8s/variables.tf b/terraform/modules/bare-metal-rancher-k8s/variables.tf
index c4cb6354..f808b00a 100644
--- a/terraform/modules/bare-metal-rancher-k8s/variables.tf
+++ b/terraform/modules/bare-metal-rancher-k8s/variables.tf
@@ -14,11 +14,11 @@ variable "rancher_secret_key" {
   description = ""
 }
 
-variable k8s_version {
+variable "k8s_version" {
   default = "v1.17.6-rancher2-1"
 }
 
-variable k8s_network_provider {
+variable "k8s_network_provider" {
   default = "flannel"
 }
 
@@ -51,3 +51,4 @@ variable "k8s_registry_password" {
   default     = ""
   description = "The password to use."
 }
+
diff --git a/terraform/modules/bare-metal-rancher-k8s/versions.tf b/terraform/modules/bare-metal-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/bare-metal-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/bare-metal-rancher/main.tf b/terraform/modules/bare-metal-rancher/main.tf
index ef067027..c98cf42a 100644
--- a/terraform/modules/bare-metal-rancher/main.tf
+++ b/terraform/modules/bare-metal-rancher/main.tf
@@ -1,107 +1,111 @@
 locals {
-  rancher_master_id = "${var.host}"
-  rancher_master_ip = "${var.host}"
-  ssh_user          = "${var.ssh_user}"
-  key_path          = "${var.key_path}"
+  rancher_master_id = var.host
+  rancher_master_ip = var.host
+  ssh_user          = var.ssh_user
+  key_path          = var.key_path
 }
 
 data "template_file" "install_docker" {
-  template = "${file("${path.module}/files/install_docker_rancher.sh.tpl")}"
-
-  vars {
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  template = file("${path.module}/files/install_docker_rancher.sh.tpl")
+
+  vars = {
+    docker_engine_install_url = var.docker_engine_install_url
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 resource "null_resource" "install_docker" {
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_docker.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
 data "template_file" "install_rancher_master" {
-  template = "${file("${path.module}/files/install_rancher_master.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_master.sh.tpl")
 
-  vars {
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  vars = {
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 resource "null_resource" "install_rancher_master" {
-  depends_on = ["null_resource.install_docker"]
+  depends_on = [null_resource.install_docker]
 
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_rancher_master.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
 data "template_file" "setup_rancher_k8s" {
-  template = "${file("${path.module}/files/setup_rancher.sh.tpl")}"
+  template = file("${path.module}/files/setup_rancher.sh.tpl")
 
-  vars {
-    name                  = "${var.name}"
-    rancher_host          = "https://127.0.0.1"
-    host_registration_url = "https://${local.rancher_master_ip}"
-
-    rancher_admin_password = "${var.rancher_admin_password}"
+  vars = {
+    name                   = var.name
+    rancher_host           = "https://127.0.0.1"
+    host_registration_url  = "https://${local.rancher_master_ip}"
+    rancher_admin_password = var.rancher_admin_password
   }
 }
 
 resource "null_resource" "setup_rancher_k8s" {
-  depends_on = ["null_resource.install_rancher_master"]
+  depends_on = [null_resource.install_rancher_master]
 
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.setup_rancher_k8s.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
@@ -112,10 +116,11 @@ data "external" "rancher_server" {
   program = ["bash", "${path.module}/files/rancher_server.sh"]
 
   query = {
-    id        = "${null_resource.setup_rancher_k8s.id}" // used to create an implicit dependency
-    ssh_host  = "${local.rancher_master_ip}"
-    ssh_user  = "${local.ssh_user}"
-    key_path  = "${local.key_path}"
+    id        = null_resource.setup_rancher_k8s.id // used to create an implicit dependency
+    ssh_host  = local.rancher_master_ip
+    ssh_user  = local.ssh_user
+    key_path  = local.key_path
     file_path = "~/rancher_api_key"
   }
 }
+
diff --git a/terraform/modules/bare-metal-rancher/outputs.tf b/terraform/modules/bare-metal-rancher/outputs.tf
index 8e7cffce..18d41f93 100644
--- a/terraform/modules/bare-metal-rancher/outputs.tf
+++ b/terraform/modules/bare-metal-rancher/outputs.tf
@@ -3,9 +3,10 @@ output "rancher_url" {
 }
 
 output "rancher_access_key" {
-  value = "${lookup(data.external.rancher_server.result, "name")}"
+  value = data.external.rancher_server.result["name"]
 }
 
 output "rancher_secret_key" {
-  value = "${lookup(data.external.rancher_server.result, "token")}"
+  value = data.external.rancher_server.result["token"]
 }
+
diff --git a/terraform/modules/bare-metal-rancher/variables.tf b/terraform/modules/bare-metal-rancher/variables.tf
index 4681c0bc..3b52463e 100644
--- a/terraform/modules/bare-metal-rancher/variables.tf
+++ b/terraform/modules/bare-metal-rancher/variables.tf
@@ -54,3 +54,4 @@ variable "key_path" {
   default     = "~/.ssh/id_rsa"
   description = ""
 }
+
diff --git a/terraform/modules/bare-metal-rancher/versions.tf b/terraform/modules/bare-metal-rancher/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/bare-metal-rancher/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/gcp-rancher-k8s-host/main.tf b/terraform/modules/gcp-rancher-k8s-host/main.tf
index 1eceddbe..1ae5ff85 100644
--- a/terraform/modules/gcp-rancher-k8s-host/main.tf
+++ b/terraform/modules/gcp-rancher-k8s-host/main.tf
@@ -1,45 +1,42 @@
 provider "google" {
-  credentials = "${file("${var.gcp_path_to_credentials}")}"
-  project     = "${var.gcp_project_id}"
-  region      = "${var.gcp_compute_region}"
+  credentials = file(var.gcp_path_to_credentials)
+  project     = var.gcp_project_id
+  region      = var.gcp_compute_region
 }
 
 locals {
-  rancher_node_role = "${element(keys(var.rancher_host_labels), 0)}"
+  rancher_node_role = element(keys(var.rancher_host_labels), 0)
 }
 
 data "template_file" "install_rancher_agent" {
-  template = "${file("${path.module}/files/install_rancher_agent.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_agent.sh.tpl")
 
-  vars {
-    hostname                  = "${var.hostname}"
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_api_url                    = "${var.rancher_api_url}"
-    rancher_cluster_registration_token = "${var.rancher_cluster_registration_token}"
-    rancher_cluster_ca_checksum        = "${var.rancher_cluster_ca_checksum}"
-    rancher_node_role                  = "${local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role}"
-    rancher_agent_image                = "${var.rancher_agent_image}"
-
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
-
-    disk_mount_path = "${var.gcp_disk_mount_path}"
+  vars = {
+    hostname                           = var.hostname
+    docker_engine_install_url          = var.docker_engine_install_url
+    rancher_api_url                    = var.rancher_api_url
+    rancher_cluster_registration_token = var.rancher_cluster_registration_token
+    rancher_cluster_ca_checksum        = var.rancher_cluster_ca_checksum
+    rancher_node_role                  = local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role
+    rancher_agent_image                = var.rancher_agent_image
+    rancher_registry                   = var.rancher_registry
+    rancher_registry_username          = var.rancher_registry_username
+    rancher_registry_password          = var.rancher_registry_password
+    disk_mount_path                    = var.gcp_disk_mount_path
   }
 }
 
 resource "google_compute_instance" "host" {
-  name         = "${var.hostname}"
-  machine_type = "${var.gcp_machine_type}"
-  zone         = "${var.gcp_instance_zone}"
-  project      = "${var.gcp_project_id}"
+  name         = var.hostname
+  machine_type = var.gcp_machine_type
+  zone         = var.gcp_instance_zone
+  project      = var.gcp_project_id
 
-  tags = ["${var.gcp_compute_firewall_host_tag}"]
+  tags = [var.gcp_compute_firewall_host_tag]
 
   boot_disk {
     initialize_params {
-      image = "${var.gcp_image}"
+      image = var.gcp_image
     }
   }
 
@@ -51,7 +48,7 @@ resource "google_compute_instance" "host" {
   # }
 
   network_interface {
-    network = "${var.gcp_compute_network_name}"
+    network = var.gcp_compute_network_name
 
     access_config {
       // Ephemeral IP
@@ -60,14 +57,15 @@ resource "google_compute_instance" "host" {
   service_account {
     scopes = ["https://www.googleapis.com/auth/cloud-platform"]
   }
-  metadata_startup_script = "${data.template_file.install_rancher_agent.rendered}"
+  metadata_startup_script = data.template_file.install_rancher_agent.rendered
 }
 
 resource "google_compute_disk" "host_volume" {
-  count = "${var.gcp_disk_type == "" ? 0 : 1}"
+  count = var.gcp_disk_type == "" ? 0 : 1
 
-  type = "${var.gcp_disk_type}"
+  type = var.gcp_disk_type
   name = "${var.hostname}-volume"
-  zone = "${var.gcp_instance_zone}"
-  size = "${var.gcp_disk_size}"
+  zone = var.gcp_instance_zone
+  size = var.gcp_disk_size
 }
+
diff --git a/terraform/modules/gcp-rancher-k8s-host/outputs.tf b/terraform/modules/gcp-rancher-k8s-host/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/gcp-rancher-k8s-host/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/gcp-rancher-k8s-host/variables.tf b/terraform/modules/gcp-rancher-k8s-host/variables.tf
index 2c253608..05599ec7 100644
--- a/terraform/modules/gcp-rancher-k8s-host/variables.tf
+++ b/terraform/modules/gcp-rancher-k8s-host/variables.tf
@@ -6,12 +6,14 @@ variable "rancher_api_url" {
   description = ""
 }
 
-variable "rancher_cluster_registration_token" {}
+variable "rancher_cluster_registration_token" {
+}
 
-variable "rancher_cluster_ca_checksum" {}
+variable "rancher_cluster_ca_checksum" {
+}
 
 variable "rancher_host_labels" {
-  type        = "map"
+  type        = map(string)
   description = "A map of key/value pairs that get passed to the rancher agent on the host."
 }
 
@@ -52,7 +54,7 @@ variable "gcp_project_id" {
   description = "GCP project ID that will be running the instances and managing the network"
 }
 
-variable gcp_machine_type {
+variable "gcp_machine_type" {
   default     = "n1-standard-1"
   description = "GCP machine type to launch the instance with"
 }
@@ -88,3 +90,4 @@ variable "gcp_disk_mount_path" {
   default     = ""
   description = "The mount path"
 }
+
diff --git a/terraform/modules/gcp-rancher-k8s-host/versions.tf b/terraform/modules/gcp-rancher-k8s-host/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/gcp-rancher-k8s-host/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/gcp-rancher-k8s/main.tf b/terraform/modules/gcp-rancher-k8s/main.tf
index f7cee45b..619e8c52 100644
--- a/terraform/modules/gcp-rancher-k8s/main.tf
+++ b/terraform/modules/gcp-rancher-k8s/main.tf
@@ -2,26 +2,26 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster.sh"]
 
   query = {
-    rancher_api_url       = "${var.rancher_api_url}"
-    rancher_access_key    = "${var.rancher_access_key}"
-    rancher_secret_key    = "${var.rancher_secret_key}"
-    name                  = "${var.name}"
-    k8s_version           = "${var.k8s_version}"
-    k8s_network_provider  = "${var.k8s_network_provider}"
-    k8s_registry          = "${var.k8s_registry}"
-    k8s_registry_username = "${var.k8s_registry_username}"
-    k8s_registry_password = "${var.k8s_registry_password}"
+    rancher_api_url       = var.rancher_api_url
+    rancher_access_key    = var.rancher_access_key
+    rancher_secret_key    = var.rancher_secret_key
+    name                  = var.name
+    k8s_version           = var.k8s_version
+    k8s_network_provider  = var.k8s_network_provider
+    k8s_registry          = var.k8s_registry
+    k8s_registry_username = var.k8s_registry_username
+    k8s_registry_password = var.k8s_registry_password
   }
 }
 
 provider "google" {
-  credentials = "${file("${var.gcp_path_to_credentials}")}"
-  project     = "${var.gcp_project_id}"
-  region      = "${var.gcp_compute_region}"
+  credentials = file(var.gcp_path_to_credentials)
+  project     = var.gcp_project_id
+  region      = var.gcp_compute_region
 }
 
 resource "google_compute_network" "default" {
-  name                    = "${var.name}"
+  name                    = var.name
   auto_create_subnetworks = "true"
 }
 
@@ -29,7 +29,7 @@ resource "google_compute_network" "default" {
 # https://rancher.com/docs/rancher/v2.0/en/quick-start-guide/
 resource "google_compute_firewall" "rke_ports" {
   name        = "${var.name}-rke-ports"
-  network     = "${google_compute_network.default.name}"
+  network     = google_compute_network.default.name
   source_tags = ["${var.name}-nodes"]
 
   allow {
@@ -49,3 +49,4 @@ resource "google_compute_firewall" "rke_ports" {
     ]
   }
 }
+
diff --git a/terraform/modules/gcp-rancher-k8s/outputs.tf b/terraform/modules/gcp-rancher-k8s/outputs.tf
index 6b9bc96d..c8beec29 100644
--- a/terraform/modules/gcp-rancher-k8s/outputs.tf
+++ b/terraform/modules/gcp-rancher-k8s/outputs.tf
@@ -1,19 +1,20 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
+  value = data.external.rancher_cluster.result["ca_checksum"]
 }
 
 output "gcp_compute_network_name" {
-  value = "${google_compute_network.default.name}"
+  value = google_compute_network.default.name
 }
 
 output "gcp_compute_firewall_host_tag" {
   value = "${var.name}-nodes"
 }
+
diff --git a/terraform/modules/gcp-rancher-k8s/variables.tf b/terraform/modules/gcp-rancher-k8s/variables.tf
index 66304b76..d9e619c4 100644
--- a/terraform/modules/gcp-rancher-k8s/variables.tf
+++ b/terraform/modules/gcp-rancher-k8s/variables.tf
@@ -14,11 +14,11 @@ variable "rancher_secret_key" {
   description = ""
 }
 
-variable k8s_version {
+variable "k8s_version" {
   default = "v1.17.6-rancher2-1"
 }
 
-variable k8s_network_provider {
+variable "k8s_network_provider" {
   default = "flannel"
 }
 
@@ -63,3 +63,4 @@ variable "gcp_compute_region" {
 variable "gcp_project_id" {
   description = "GCP project ID that will be running the instances and managing the network"
 }
+
diff --git a/terraform/modules/gcp-rancher-k8s/versions.tf b/terraform/modules/gcp-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/gcp-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/gcp-rancher/main.tf b/terraform/modules/gcp-rancher/main.tf
index a55e1a74..ca2ccb95 100644
--- a/terraform/modules/gcp-rancher/main.tf
+++ b/terraform/modules/gcp-rancher/main.tf
@@ -1,11 +1,11 @@
 provider "google" {
-  credentials = "${file("${var.gcp_path_to_credentials}")}"
-  project     = "${var.gcp_project_id}"
-  region      = "${var.gcp_compute_region}"
+  credentials = file(var.gcp_path_to_credentials)
+  project     = var.gcp_project_id
+  region      = var.gcp_compute_region
 }
 
 resource "google_compute_network" "default" {
-  name                    = "${var.name}"
+  name                    = var.name
   auto_create_subnetworks = "true"
 }
 
@@ -13,7 +13,7 @@ resource "google_compute_network" "default" {
 # https://rancher.com/docs/rancher/v2.0/en/quick-start-guide/
 resource "google_compute_firewall" "rancher_master_ports" {
   name          = "${var.name}-rancher-master-ports"
-  network       = "${google_compute_network.default.name}"
+  network       = google_compute_network.default.name
   source_ranges = ["0.0.0.0/0"]
 
   allow {
@@ -28,26 +28,26 @@ resource "google_compute_firewall" "rancher_master_ports" {
 }
 
 resource "google_compute_instance" "rancher_master" {
-  name         = "${var.name}"
-  machine_type = "${var.gcp_machine_type}"
-  zone         = "${var.gcp_instance_zone}"
-  project      = "${var.gcp_project_id}"
+  name         = var.name
+  machine_type = var.gcp_machine_type
+  zone         = var.gcp_instance_zone
+  project      = var.gcp_project_id
 
   boot_disk {
     initialize_params {
-      image = "${var.gcp_image}"
+      image = var.gcp_image
     }
   }
 
   network_interface {
-    network = "${google_compute_network.default.name}"
+    network = google_compute_network.default.name
 
     access_config {
       // Ephemeral IP
     }
   }
 
-  metadata {
+  metadata = {
     sshKeys = "${var.gcp_ssh_user}:${file(var.gcp_public_key_path)}"
   }
 
@@ -55,91 +55,93 @@ resource "google_compute_instance" "rancher_master" {
     scopes = ["https://www.googleapis.com/auth/cloud-platform"]
   }
 
-  metadata_startup_script = "${data.template_file.install_docker.rendered}"
+  metadata_startup_script = data.template_file.install_docker.rendered
 }
 
 locals {
-  rancher_master_id = "${google_compute_instance.rancher_master.instance_id}"
-  rancher_master_ip = "${google_compute_instance.rancher_master.network_interface.0.access_config.0.assigned_nat_ip}"
-  ssh_user          = "${var.gcp_ssh_user}"
-  key_path          = "${var.gcp_private_key_path}"
+  rancher_master_id = google_compute_instance.rancher_master.instance_id
+  rancher_master_ip = google_compute_instance.rancher_master.network_interface[0].access_config[0].assigned_nat_ip
+  ssh_user          = var.gcp_ssh_user
+  key_path          = var.gcp_private_key_path
 }
 
 data "template_file" "install_docker" {
-  template = "${file("${path.module}/files/install_docker_rancher.sh.tpl")}"
-
-  vars {
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  template = file("${path.module}/files/install_docker_rancher.sh.tpl")
+
+  vars = {
+    docker_engine_install_url = var.docker_engine_install_url
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 data "template_file" "install_rancher_master" {
-  template = "${file("${path.module}/files/install_rancher_master.sh.tpl")}"
+  template = file("${path.module}/files/install_rancher_master.sh.tpl")
 
-  vars {
-    rancher_server_image      = "${var.rancher_server_image}"
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  vars = {
+    rancher_server_image      = var.rancher_server_image
+    rancher_registry          = var.rancher_registry
+    rancher_registry_username = var.rancher_registry_username
+    rancher_registry_password = var.rancher_registry_password
   }
 }
 
 resource "null_resource" "install_rancher_master" {
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_rancher_master.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
 data "template_file" "setup_rancher_k8s" {
-  template = "${file("${path.module}/files/setup_rancher.sh.tpl")}"
+  template = file("${path.module}/files/setup_rancher.sh.tpl")
 
-  vars {
-    name                  = "${var.name}"
-    rancher_host          = "https://127.0.0.1"
-    host_registration_url = "https://${local.rancher_master_ip}"
-
-    rancher_admin_password = "${var.rancher_admin_password}"
+  vars = {
+    name                   = var.name
+    rancher_host           = "https://127.0.0.1"
+    host_registration_url  = "https://${local.rancher_master_ip}"
+    rancher_admin_password = var.rancher_admin_password
   }
 }
 
 resource "null_resource" "setup_rancher_k8s" {
-  depends_on = ["null_resource.install_rancher_master"]
+  depends_on = [null_resource.install_rancher_master]
 
   # Changes to any instance of the cluster requires re-provisioning
-  triggers {
-    rancher_master_id = "${local.rancher_master_id}"
+  triggers = {
+    rancher_master_id = local.rancher_master_id
   }
 
   connection {
     type        = "ssh"
-    user        = "${local.ssh_user}"
-    host        = "${local.rancher_master_ip}"
-    private_key = "${file(local.key_path)}"
+    user        = local.ssh_user
+    host        = local.rancher_master_ip
+    private_key = file(local.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.setup_rancher_k8s.rendered}
-      EOF
+      
+EOF
+
   }
 }
 
@@ -150,10 +152,11 @@ data "external" "rancher_server" {
   program = ["bash", "${path.module}/files/rancher_server.sh"]
 
   query = {
-    id        = "${null_resource.setup_rancher_k8s.id}" // used to create an implicit dependency
-    ssh_host  = "${local.rancher_master_ip}"
-    ssh_user  = "${local.ssh_user}"
-    key_path  = "${local.key_path}"
+    id        = null_resource.setup_rancher_k8s.id // used to create an implicit dependency
+    ssh_host  = local.rancher_master_ip
+    ssh_user  = local.ssh_user
+    key_path  = local.key_path
     file_path = "~/rancher_api_key"
   }
 }
+
diff --git a/terraform/modules/gcp-rancher/outputs.tf b/terraform/modules/gcp-rancher/outputs.tf
index 8e7cffce..18d41f93 100644
--- a/terraform/modules/gcp-rancher/outputs.tf
+++ b/terraform/modules/gcp-rancher/outputs.tf
@@ -3,9 +3,10 @@ output "rancher_url" {
 }
 
 output "rancher_access_key" {
-  value = "${lookup(data.external.rancher_server.result, "name")}"
+  value = data.external.rancher_server.result["name"]
 }
 
 output "rancher_secret_key" {
-  value = "${lookup(data.external.rancher_server.result, "token")}"
+  value = data.external.rancher_server.result["token"]
 }
+
diff --git a/terraform/modules/gcp-rancher/variables.tf b/terraform/modules/gcp-rancher/variables.tf
index 35068f97..3a875e70 100644
--- a/terraform/modules/gcp-rancher/variables.tf
+++ b/terraform/modules/gcp-rancher/variables.tf
@@ -48,7 +48,7 @@ variable "gcp_project_id" {
   description = "GCP project ID that will be running the instances and managing the network"
 }
 
-variable gcp_machine_type {
+variable "gcp_machine_type" {
   default     = "n1-standard-1"
   description = "GCP machine type to launch the instance with"
 }
@@ -76,3 +76,4 @@ variable "gcp_private_key_path" {
   description = "Path to a private key."
   default     = "~/.ssh/id_rsa"
 }
+
diff --git a/terraform/modules/gcp-rancher/versions.tf b/terraform/modules/gcp-rancher/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/gcp-rancher/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/gke-rancher-k8s/main.tf b/terraform/modules/gke-rancher-k8s/main.tf
index f99cd865..ffa3e583 100644
--- a/terraform/modules/gke-rancher-k8s/main.tf
+++ b/terraform/modules/gke-rancher-k8s/main.tf
@@ -2,34 +2,32 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster_import.sh"]
 
   query = {
-    rancher_api_url    = "${var.rancher_api_url}"
-    rancher_access_key = "${var.rancher_access_key}"
-    rancher_secret_key = "${var.rancher_secret_key}"
-    name               = "${var.name}"
+    rancher_api_url    = var.rancher_api_url
+    rancher_access_key = var.rancher_access_key
+    rancher_secret_key = var.rancher_secret_key
+    name               = var.name
   }
 }
 
 provider "google" {
-  credentials = "${file("${var.gcp_path_to_credentials}")}"
-  project     = "${var.gcp_project_id}"
-  region      = "${var.gcp_compute_region}"
+  credentials = file(var.gcp_path_to_credentials)
+  project     = var.gcp_project_id
+  region      = var.gcp_compute_region
 }
 
 resource "google_container_cluster" "primary" {
-  name               = "${var.name}"
-  zone               = "${var.gcp_zone}"
-  initial_node_count = "${var.node_count}"
+  name               = var.name
+  zone               = var.gcp_zone
+  initial_node_count = var.node_count
 
-  min_master_version = "${var.k8s_version}"
-  node_version       = "${var.k8s_version}"
+  min_master_version = var.k8s_version
+  node_version       = var.k8s_version
 
-  additional_zones = [
-    "${var.gcp_additional_zones}",
-  ]
+  additional_zones = var.gcp_additional_zones
 
   master_auth {
     username = "admin"
-    password = "${var.password}"
+    password = var.password
   }
 
   node_config {
@@ -48,8 +46,8 @@ locals {
 
 # Bootstrap rancher in gke environment
 resource "null_resource" "import_rancher" {
-  triggers {
-    cluster = "${google_container_cluster.primary.endpoint}"
+  triggers = {
+    cluster = google_container_cluster.primary.endpoint
   }
 
   provisioner "local-exec" {
@@ -59,16 +57,16 @@ resource "null_resource" "import_rancher" {
   provisioner "local-exec" {
     command = "gcloud container clusters get-credentials ${var.name} --zone ${var.gcp_zone} --project ${var.gcp_project_id}"
 
-    environment {
-      KUBECONFIG = "${local.kube_config_path}"
+    environment = {
+      KUBECONFIG = local.kube_config_path
     }
   }
 
   provisioner "local-exec" {
     command = "curl --insecure -sfL ${var.rancher_api_url}/v3/import/${data.external.rancher_cluster.result.registration_token}.yaml | kubectl apply -f -"
 
-    environment {
-      KUBECONFIG = "${local.kube_config_path}"
+    environment = {
+      KUBECONFIG = local.kube_config_path
     }
   }
 
@@ -80,3 +78,4 @@ resource "null_resource" "import_rancher" {
     command = "gcloud auth revoke"
   }
 }
+
diff --git a/terraform/modules/gke-rancher-k8s/outputs.tf b/terraform/modules/gke-rancher-k8s/outputs.tf
index 5af2b9e1..5239f359 100644
--- a/terraform/modules/gke-rancher-k8s/outputs.tf
+++ b/terraform/modules/gke-rancher-k8s/outputs.tf
@@ -1,11 +1,12 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
-}
\ No newline at end of file
+  value = data.external.rancher_cluster.result["ca_checksum"]
+}
+
diff --git a/terraform/modules/gke-rancher-k8s/variables.tf b/terraform/modules/gke-rancher-k8s/variables.tf
index c4a26693..03b52394 100644
--- a/terraform/modules/gke-rancher-k8s/variables.tf
+++ b/terraform/modules/gke-rancher-k8s/variables.tf
@@ -31,11 +31,11 @@ variable "gcp_zone" {
 }
 
 variable "gcp_additional_zones" {
-  type        = "list"
+  type        = list(string)
   description = "Zones to deploy GKE cluster nodes in"
 }
 
-variable gcp_machine_type {
+variable "gcp_machine_type" {
   default     = "n1-standard-1"
   description = "GCP machine type to launch the instance with"
 }
@@ -44,6 +44,9 @@ variable "k8s_version" {
   default = "1.8.8-gke.0"
 }
 
-variable "node_count" {}
+variable "node_count" {
+}
+
+variable "password" {
+}
 
-variable "password" {}
diff --git a/terraform/modules/gke-rancher-k8s/versions.tf b/terraform/modules/gke-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/gke-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/k8s-backup-manta/main.tf b/terraform/modules/k8s-backup-manta/main.tf
index dacef868..0fb8bfe4 100644
--- a/terraform/modules/k8s-backup-manta/main.tf
+++ b/terraform/modules/k8s-backup-manta/main.tf
@@ -1,11 +1,11 @@
 data "template_file" "minio_manta_deployment" {
-  template = "${file("${path.module}/files/minio-manta-deployment.yaml")}"
+  template = file("${path.module}/files/minio-manta-deployment.yaml")
 
-  vars {
-    triton_account      = "${var.triton_account}"
-    triton_key_id       = "${var.triton_key_id}"
-    triton_key_material = "${indent(12, file("${var.triton_key_path}"))}" // indent to keep yaml multi line compliance
-    manta_subuser       = "${var.manta_subuser}"
+  vars = {
+    triton_account      = var.triton_account
+    triton_key_id       = var.triton_key_id
+    triton_key_material = indent(12, file(var.triton_key_path)) // indent to keep yaml multi line compliance
+    manta_subuser       = var.manta_subuser
   }
 }
 
@@ -36,12 +36,17 @@ resource "null_resource" "setup_ark_backup" {
         -H 'Content-Type: application/json' \
         -d '' \
         '${var.rancher_api_url}/v3/clusters/${var.rancher_cluster_id}?action=generateKubeconfig' | jq -r '.config' > kubeconfig.yaml
-    EOT
+    
+EOT
+
   }
 
   provisioner "local-exec" {
     # Write minio_manta_deployment.yaml to disk
-    command = "${format("cat << EOF > minio_manta_deployment.yaml \n%s\nEOF", data.template_file.minio_manta_deployment.rendered)}"
+    command = format(
+      "cat << EOF > minio_manta_deployment.yaml \n%s\nEOF",
+      data.template_file.minio_manta_deployment.rendered,
+    )
   }
 
   provisioner "local-exec" {
@@ -60,3 +65,4 @@ resource "null_resource" "setup_ark_backup" {
     command = "rm -rf ark ark-* minio_manta_deployment.yaml kubeconfig.yaml v0.7.1.tar.gz"
   }
 }
+
diff --git a/terraform/modules/k8s-backup-manta/outputs.tf b/terraform/modules/k8s-backup-manta/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/k8s-backup-manta/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/k8s-backup-manta/variables.tf b/terraform/modules/k8s-backup-manta/variables.tf
index 03a49cc3..8ef03702 100644
--- a/terraform/modules/k8s-backup-manta/variables.tf
+++ b/terraform/modules/k8s-backup-manta/variables.tf
@@ -1,10 +1,14 @@
-variable "rancher_api_url" {}
+variable "rancher_api_url" {
+}
 
-variable "rancher_access_key" {}
+variable "rancher_access_key" {
+}
 
-variable "rancher_secret_key" {}
+variable "rancher_secret_key" {
+}
 
-variable "rancher_cluster_id" {}
+variable "rancher_cluster_id" {
+}
 
 variable "triton_key_path" {
   default     = ""
@@ -23,3 +27,4 @@ variable "manta_subuser" {
   default     = ""
   description = "The Manta subuser"
 }
+
diff --git a/terraform/modules/k8s-backup-manta/versions.tf b/terraform/modules/k8s-backup-manta/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/k8s-backup-manta/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/k8s-backup-s3/main.tf b/terraform/modules/k8s-backup-s3/main.tf
index eb5c213f..6bd79542 100644
--- a/terraform/modules/k8s-backup-s3/main.tf
+++ b/terraform/modules/k8s-backup-s3/main.tf
@@ -25,7 +25,9 @@ resource "null_resource" "setup_ark_backup" {
         -H 'Content-Type: application/json' \
         -d '' \
         '${var.rancher_api_url}/v3/clusters/${var.rancher_cluster_id}?action=generateKubeconfig' | jq -r '.config' > kubeconfig.yaml
-    EOT
+    
+EOT
+
   }
 
   provisioner "local-exec" {
@@ -35,7 +37,9 @@ resource "null_resource" "setup_ark_backup" {
         aws_access_key_id=${var.aws_access_key}
         aws_secret_access_key=${var.aws_secret_key}
       EOF
-    EOT
+    
+EOT
+
   }
 
   provisioner "local-exec" {
@@ -45,7 +49,7 @@ resource "null_resource" "setup_ark_backup" {
   provisioner "local-exec" {
     command = "kubectl create secret generic cloud-credentials --namespace $ARK_SERVER_NAMESPACE --from-file cloud=credentials-ark --kubeconfig=kubeconfig.yaml --dry-run -o yaml | kubectl apply --kubeconfig=kubeconfig.yaml -f -"
 
-    environment {
+    environment = {
       ARK_SERVER_NAMESPACE = "heptio-ark-server"
     }
   }
@@ -54,7 +58,9 @@ resource "null_resource" "setup_ark_backup" {
     command = <<EOT
       sed -i '.original' 's/<YOUR_BUCKET>/${var.aws_s3_bucket}/g' ark-0.7.1/examples/aws/00-ark-config.yaml
       sed -i '.original' 's/<YOUR_REGION>/${var.aws_region}/g' ark-0.7.1/examples/aws/00-ark-config.yaml
-    EOT
+    
+EOT
+
   }
 
   provisioner "local-exec" {
@@ -69,3 +75,4 @@ resource "null_resource" "setup_ark_backup" {
     command = "rm -rf ark ark-* credentials-ark kubeconfig.yaml v0.7.1.tar.gz"
   }
 }
+
diff --git a/terraform/modules/k8s-backup-s3/outputs.tf b/terraform/modules/k8s-backup-s3/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/k8s-backup-s3/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/k8s-backup-s3/variables.tf b/terraform/modules/k8s-backup-s3/variables.tf
index e2c3c47e..11946cbc 100644
--- a/terraform/modules/k8s-backup-s3/variables.tf
+++ b/terraform/modules/k8s-backup-s3/variables.tf
@@ -1,10 +1,14 @@
-variable "rancher_api_url" {}
+variable "rancher_api_url" {
+}
 
-variable "rancher_access_key" {}
+variable "rancher_access_key" {
+}
 
-variable "rancher_secret_key" {}
+variable "rancher_secret_key" {
+}
 
-variable "rancher_cluster_id" {}
+variable "rancher_cluster_id" {
+}
 
 variable "aws_access_key" {
   default     = ""
@@ -25,3 +29,4 @@ variable "aws_s3_bucket" {
   default     = ""
   description = "Name of the AWS bucket where the Heptio ARK backup will be stored."
 }
+
diff --git a/terraform/modules/k8s-backup-s3/versions.tf b/terraform/modules/k8s-backup-s3/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/k8s-backup-s3/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/triton-rancher-k8s-host/versions.tf b/terraform/modules/triton-rancher-k8s-host/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/triton-rancher-k8s-host/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/triton-rancher-k8s/versions.tf b/terraform/modules/triton-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/triton-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/triton-rancher/versions.tf b/terraform/modules/triton-rancher/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/triton-rancher/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/vsphere-rancher-k8s-host/main.tf b/terraform/modules/vsphere-rancher-k8s-host/main.tf
index aa8a4ad9..b86a7ae1 100644
--- a/terraform/modules/vsphere-rancher-k8s-host/main.tf
+++ b/terraform/modules/vsphere-rancher-k8s-host/main.tf
@@ -1,102 +1,103 @@
 provider "vsphere" {
-  user           = "${var.vsphere_user}"
-  password       = "${var.vsphere_password}"
-  vsphere_server = "${var.vsphere_server}"
+  user           = var.vsphere_user
+  password       = var.vsphere_password
+  vsphere_server = var.vsphere_server
 
   allow_unverified_ssl = true
 }
 
 locals {
-  rancher_node_role = "${element(keys(var.rancher_host_labels), 0)}"
+  rancher_node_role = element(keys(var.rancher_host_labels), 0)
 }
 
 data "template_file" "install_rancher_agent" {
-  template = "${file("${path.module}/files/install_rancher_agent.sh.tpl")}"
-
-  vars {
-    hostname                  = "${var.hostname}"
-    docker_engine_install_url = "${var.docker_engine_install_url}"
-
-    rancher_api_url                    = "${var.rancher_api_url}"
-    rancher_cluster_registration_token = "${var.rancher_cluster_registration_token}"
-    rancher_cluster_ca_checksum        = "${var.rancher_cluster_ca_checksum}"
-    rancher_node_role                  = "${local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role}"
-    rancher_agent_image                = "${var.rancher_agent_image}"
-
-    rancher_registry          = "${var.rancher_registry}"
-    rancher_registry_username = "${var.rancher_registry_username}"
-    rancher_registry_password = "${var.rancher_registry_password}"
+  template = file("${path.module}/files/install_rancher_agent.sh.tpl")
+
+  vars = {
+    hostname                           = var.hostname
+    docker_engine_install_url          = var.docker_engine_install_url
+    rancher_api_url                    = var.rancher_api_url
+    rancher_cluster_registration_token = var.rancher_cluster_registration_token
+    rancher_cluster_ca_checksum        = var.rancher_cluster_ca_checksum
+    rancher_node_role                  = local.rancher_node_role == "control" ? "controlplane" : local.rancher_node_role
+    rancher_agent_image                = var.rancher_agent_image
+    rancher_registry                   = var.rancher_registry
+    rancher_registry_username          = var.rancher_registry_username
+    rancher_registry_password          = var.rancher_registry_password
   }
 }
 
 data "vsphere_datacenter" "dc" {
-  name = "${var.vsphere_datacenter_name}"
+  name = var.vsphere_datacenter_name
 }
 
 data "vsphere_datastore" "datastore" {
-  name          = "${var.vsphere_datastore_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_datastore_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
 
 data "vsphere_resource_pool" "pool" {
-  name          = "${var.vsphere_resource_pool_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_resource_pool_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
 
 data "vsphere_network" "network" {
-  name          = "${var.vsphere_network_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_network_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
 
 data "vsphere_virtual_machine" "template" {
-  name          = "${var.vsphere_template_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_template_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
 
 resource "vsphere_virtual_machine" "vm" {
-  name             = "${var.hostname}"
-  resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
-  datastore_id     = "${data.vsphere_datastore.datastore.id}"
+  name             = var.hostname
+  resource_pool_id = data.vsphere_resource_pool.pool.id
+  datastore_id     = data.vsphere_datastore.datastore.id
 
   num_cpus = 2
   memory   = 2048
-  guest_id = "${data.vsphere_virtual_machine.template.guest_id}"
+  guest_id = data.vsphere_virtual_machine.template.guest_id
 
-  scsi_type = "${data.vsphere_virtual_machine.template.scsi_type}"
+  scsi_type = data.vsphere_virtual_machine.template.scsi_type
 
   network_interface {
-    network_id   = "${data.vsphere_network.network.id}"
-    adapter_type = "${data.vsphere_virtual_machine.template.network_interface_types[0]}"
+    network_id   = data.vsphere_network.network.id
+    adapter_type = data.vsphere_virtual_machine.template.network_interface_types[0]
   }
 
   disk {
     label            = "disk0"
-    size             = "${data.vsphere_virtual_machine.template.disks.0.size}"
-    eagerly_scrub    = "${data.vsphere_virtual_machine.template.disks.0.eagerly_scrub}"
-    thin_provisioned = "${data.vsphere_virtual_machine.template.disks.0.thin_provisioned}"
+    size             = data.vsphere_virtual_machine.template.disks[0].size
+    eagerly_scrub    = data.vsphere_virtual_machine.template.disks[0].eagerly_scrub
+    thin_provisioned = data.vsphere_virtual_machine.template.disks[0].thin_provisioned
   }
 
   clone {
-    template_uuid = "${data.vsphere_virtual_machine.template.id}"
+    template_uuid = data.vsphere_virtual_machine.template.id
   }
 }
 
 resource "null_resource" "install_rancher_agent" {
-  triggers {
-    vsphere_virtual_machine_id = "${vsphere_virtual_machine.vm.id}"
+  triggers = {
+    vsphere_virtual_machine_id = vsphere_virtual_machine.vm.id
   }
 
   connection {
     type = "ssh"
-    user = "${var.ssh_user}"
+    user = var.ssh_user
 
-    host        = "${vsphere_virtual_machine.vm.default_ip_address}"
-    private_key = "${file(var.key_path)}"
+    host        = vsphere_virtual_machine.vm.default_ip_address
+    private_key = file(var.key_path)
   }
 
   provisioner "remote-exec" {
     inline = <<EOF
       ${data.template_file.install_rancher_agent.rendered}
-      EOF
+      
+EOF
+
   }
 }
+
diff --git a/terraform/modules/vsphere-rancher-k8s-host/outputs.tf b/terraform/modules/vsphere-rancher-k8s-host/outputs.tf
deleted file mode 100644
index 8b137891..00000000
--- a/terraform/modules/vsphere-rancher-k8s-host/outputs.tf
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/terraform/modules/vsphere-rancher-k8s-host/variables.tf b/terraform/modules/vsphere-rancher-k8s-host/variables.tf
index 9aac4b99..9e434425 100644
--- a/terraform/modules/vsphere-rancher-k8s-host/variables.tf
+++ b/terraform/modules/vsphere-rancher-k8s-host/variables.tf
@@ -6,12 +6,14 @@ variable "rancher_api_url" {
   description = ""
 }
 
-variable "rancher_cluster_registration_token" {}
+variable "rancher_cluster_registration_token" {
+}
 
-variable "rancher_cluster_ca_checksum" {}
+variable "rancher_cluster_ca_checksum" {
+}
 
 variable "rancher_host_labels" {
-  type        = "map"
+  type        = map(string)
   description = "A map of key/value pairs that get passed to the rancher agent on the host."
 }
 
@@ -81,3 +83,4 @@ variable "key_path" {
   default     = "~/.ssh/id_rsa"
   description = ""
 }
+
diff --git a/terraform/modules/vsphere-rancher-k8s-host/versions.tf b/terraform/modules/vsphere-rancher-k8s-host/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/vsphere-rancher-k8s-host/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/terraform/modules/vsphere-rancher-k8s/main.tf b/terraform/modules/vsphere-rancher-k8s/main.tf
index 10c8bc45..3afd5a20 100644
--- a/terraform/modules/vsphere-rancher-k8s/main.tf
+++ b/terraform/modules/vsphere-rancher-k8s/main.tf
@@ -2,41 +2,42 @@ data "external" "rancher_cluster" {
   program = ["bash", "${path.module}/files/rancher_cluster.sh"]
 
   query = {
-    rancher_api_url       = "${var.rancher_api_url}"
-    rancher_access_key    = "${var.rancher_access_key}"
-    rancher_secret_key    = "${var.rancher_secret_key}"
-    name                  = "${var.name}"
-    k8s_version           = "${var.k8s_version}"
-    k8s_network_provider  = "${var.k8s_network_provider}"
-    k8s_registry          = "${var.k8s_registry}"
-    k8s_registry_username = "${var.k8s_registry_username}"
-    k8s_registry_password = "${var.k8s_registry_password}"
+    rancher_api_url       = var.rancher_api_url
+    rancher_access_key    = var.rancher_access_key
+    rancher_secret_key    = var.rancher_secret_key
+    name                  = var.name
+    k8s_version           = var.k8s_version
+    k8s_network_provider  = var.k8s_network_provider
+    k8s_registry          = var.k8s_registry
+    k8s_registry_username = var.k8s_registry_username
+    k8s_registry_password = var.k8s_registry_password
   }
 }
 
 provider "vsphere" {
-  user           = "${var.vsphere_user}"
-  password       = "${var.vsphere_password}"
-  vsphere_server = "${var.vsphere_server}"
+  user           = var.vsphere_user
+  password       = var.vsphere_password
+  vsphere_server = var.vsphere_server
 
   allow_unverified_ssl = "true"
 }
 
 data "vsphere_datacenter" "dc" {
-  name = "${var.vsphere_datacenter_name}"
+  name = var.vsphere_datacenter_name
 }
 
 data "vsphere_datastore" "datastore" {
-  name          = "${var.vsphere_datastore_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_datastore_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
 
 data "vsphere_resource_pool" "pool" {
-  name          = "${var.vsphere_resource_pool_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_resource_pool_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
 
 data "vsphere_network" "network" {
-  name          = "${var.vsphere_network_name}"
-  datacenter_id = "${data.vsphere_datacenter.dc.id}"
+  name          = var.vsphere_network_name
+  datacenter_id = data.vsphere_datacenter.dc.id
 }
+
diff --git a/terraform/modules/vsphere-rancher-k8s/outputs.tf b/terraform/modules/vsphere-rancher-k8s/outputs.tf
index 7aa5fd3b..85a59912 100644
--- a/terraform/modules/vsphere-rancher-k8s/outputs.tf
+++ b/terraform/modules/vsphere-rancher-k8s/outputs.tf
@@ -1,27 +1,28 @@
 output "rancher_cluster_id" {
-  value = "${lookup(data.external.rancher_cluster.result, "cluster_id")}"
+  value = data.external.rancher_cluster.result["cluster_id"]
 }
 
 output "rancher_cluster_registration_token" {
-  value = "${lookup(data.external.rancher_cluster.result, "registration_token")}"
+  value = data.external.rancher_cluster.result["registration_token"]
 }
 
 output "rancher_cluster_ca_checksum" {
-  value = "${lookup(data.external.rancher_cluster.result, "ca_checksum")}"
+  value = data.external.rancher_cluster.result["ca_checksum"]
 }
 
 output "vsphere_datacenter_name" {
-  value = "${var.vsphere_datacenter_name}"
+  value = var.vsphere_datacenter_name
 }
 
 output "vsphere_datastore_name" {
-  value = "${var.vsphere_datastore_name}"
+  value = var.vsphere_datastore_name
 }
 
 output "vsphere_resource_pool_name" {
-  value = "${var.vsphere_resource_pool_name}"
+  value = var.vsphere_resource_pool_name
 }
 
 output "vsphere_network_name" {
-  value = "${var.vsphere_network_name}"
+  value = var.vsphere_network_name
 }
+
diff --git a/terraform/modules/vsphere-rancher-k8s/variables.tf b/terraform/modules/vsphere-rancher-k8s/variables.tf
index c040b917..4665a726 100644
--- a/terraform/modules/vsphere-rancher-k8s/variables.tf
+++ b/terraform/modules/vsphere-rancher-k8s/variables.tf
@@ -79,3 +79,4 @@ variable "vsphere_resource_pool_name" {
 variable "vsphere_network_name" {
   description = "Name of the network to use."
 }
+
diff --git a/terraform/modules/vsphere-rancher-k8s/versions.tf b/terraform/modules/vsphere-rancher-k8s/versions.tf
new file mode 100644
index 00000000..ac97c6ac
--- /dev/null
+++ b/terraform/modules/vsphere-rancher-k8s/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}