diff --git a/staging/.terraform.lock.hcl b/staging/.terraform.lock.hcl
index 4054f11..7c6c1cf 100644
--- a/staging/.terraform.lock.hcl
+++ b/staging/.terraform.lock.hcl
@@ -2,37 +2,42 @@
 # Manual edits may be lost in future updates.
 provider "registry.terraform.io/hashicorp/aws" {
- version = "3.22.0"
+ version = "6.7.0"
 hashes = [
- "h1:KVhBCK+8d3Jpq7T/Un94WH0LiGGCT3j7HCuW71CGd1M=",
- "h1:f/Tz8zv1Zb78ZaiyJkQ0MGIViZwbYrLuQk3kojPM91c=",
- "zh:4a9a66caf1964cdd3b61fb3ebb0da417195a5529cb8e496f266b0778335d11c8",
- "zh:514f2f006ae68db715d86781673faf9483292deab235c7402ff306e0e92ea11a",
- "zh:5277b61109fddb9011728f6650ef01a639a0590aeffe34ed7de7ba10d0c31803",
- "zh:67784dc8c8375ab37103eea1258c3334ee92be6de033c2b37e3a2a65d0005142",
- "zh:76d4c8be2ca4a3294fb51fb58de1fe03361d3bc403820270cc8e71a04c5fa806",
- "zh:8f90b1cfdcf6e8fb1a9d0382ecaa5056a3a84c94e313fbf9e92c89de271cdede",
- "zh:d0ac346519d0df124df89be2d803eb53f373434890f6ee3fb37112802f9eac59",
- "zh:d6256feedada82cbfb3b1dd6dd9ad02048f23120ab50e6146a541cb11a108cc1",
- "zh:db2fe0d2e77c02e9a74e1ed694aa352295a50283f9a1cf896e5be252af14e9f4",
- "zh:eda61e889b579bd90046939a5b40cf5dc9031fb5a819fc3e4667a78bd432bdb2",
+ "h1:MR1e3FM/ZMHBaUOsLJu2XIjkbogmh5q5IV/N73zGX14=",
+ "zh:3c0a256f813e5e2c1e1aa137204ad9168ebe487f6cee874af9e9c78eb300568e",
+ "zh:3c49dd75ea28395b29ba259988826b956c8adf6c0b59dd8874feb4f47bad976a",
+ "zh:3e6e3e3bfc6594f4f9e2c017ee588c5fcad394b87dd0b68a3f37cd66001f3c8c",
+ "zh:3f9b55826eeebf9b2ed448fc111d772c703e1edc6678e1bb646e66f3c3f9308f",
+ "zh:44e4ced936045ddc42d22c653a6427e7eb2b7aee918dff8438da0cb40996beb4",
+ "zh:474ab4d63918f41e8ea1cef43aeb1c719629dbf289db175c95de1431a8853ae7",
+ "zh:71b9e1d82c5ccc8d9bf72b3712c2b90722fc1f35a0f0f7a9557b9ee01971e6e2",
+ "zh:7723256d6ccc55f4000d1df8db202b02b30a7d917f5d31624c717e14ba15ea95",
+ "zh:82174836faa830aff0e47ea61d4cfbb5c97e1e944b1978f1d933acd37f584c88",
+ "zh:8e62fdc10206ba7232eec991e5a387378f2fbe47cc717b7f60eeb1df2c974514",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:be24dd2d53b224d7098e75ca432746e3420ce071189eea100aa8cbcd2498d389",
+ "zh:d27651d0e458933127ddca35a833e1a0f0ff0c131391288b3239763a2fd8f96f",
+ "zh:d33c181fff1b96bf8366e6c3d92408370b21649291e8f4d1f7e9a3fbb920fc9d",
+ "zh:edc0a0a84f85036c6d3df29d09557bd43206d9ee57b10542b484050f0f34d242",
 ]
 }
 provider "registry.terraform.io/hashicorp/random" {
- version = "3.0.0"
+ version = "3.7.2"
 hashes = [
- "h1:+JUEdzBH7Od9JKdMMAIJlX9v6P8jfbMR7V4/FKXLAgY=",
- "h1:yhHJpb4IfQQfuio7qjUXuUFTU/s+ensuEpm23A+VWz0=",
- "zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b",
- "zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17",
- "zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc",
- "zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2",
- "zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b",
- "zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51",
- "zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc",
- "zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd",
- "zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578",
- "zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515",
+ "h1:356j/3XnXEKr9nyicLUufzoF4Yr6hRy481KIxRVpK0c=",
+ "zh:14829603a32e4bc4d05062f059e545a91e27ff033756b48afbae6b3c835f508f",
+ "zh:1527fb07d9fea400d70e9e6eb4a2b918d5060d604749b6f1c361518e7da546dc",
+ "zh:1e86bcd7ebec85ba336b423ba1db046aeaa3c0e5f921039b3f1a6fc2f978feab",
+ "zh:24536dec8bde66753f4b4030b8f3ef43c196d69cccbea1c382d01b222478c7a3",
+ "zh:29f1786486759fad9b0ce4fdfbbfece9343ad47cd50119045075e05afe49d212",
+ "zh:4d701e978c2dd8604ba1ce962b047607701e65c078cb22e97171513e9e57491f",
+ "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+ "zh:7b8434212eef0f8c83f5a90c6d76feaf850f6502b61b53c329e85b3b281cba34",
+ "zh:ac8a23c212258b7976e1621275e3af7099e7e4a3d4478cf8d5d2a27f3bc3e967",
+ "zh:b516ca74431f3df4c6cf90ddcdb4042c626e026317a33c53f0b445a3d93b720d",
+ "zh:dc76e4326aec2490c1600d6871a95e78f9050f9ce427c71707ea412a2f2f1a62",
+ "zh:eac7b63e86c749c7d48f527671c7aee5b4e26c10be6ad7232d6860167f99dbb0",
 ]
 }
diff --git a/staging/00-vpc.tf b/staging/00-vpc.tf
index 6aad41a..bae6cc2 100644
--- a/staging/00-vpc.tf
+++ b/staging/00-vpc.tf
@@ -1,96 +1,111 @@
-resource "aws_vpc" "tf_vpc" {
+resource "aws_vpc" "main_vpc" {
 cidr_block = "${var.vpc_subnet_prefix}.0.0/16"
 tags = {
- Name = "${var.app_name}-VPC"
+ Name = "${var.app_name}-vpc"
 Environment = var.environment
 }
 }
-resource "aws_subnet" "tf_vpc_sub_a1" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_subnet" "app_1a" {
+ vpc_id = aws_vpc.main_vpc.id
 cidr_block = "${var.vpc_subnet_prefix}.1.0/24"
 availability_zone = "${var.aws_region}a"
 tags = {
- Name = "${var.app_name}-VPC-Subnet-1-App"
+ Name = "${var.app_name}-app-sub-1a"
 Environment = var.environment
 }
 }
-resource "aws_subnet" "tf_vpc_sub_a2" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_subnet" "app_1b" {
+ vpc_id = aws_vpc.main_vpc.id
 cidr_block = "${var.vpc_subnet_prefix}.2.0/24"
 availability_zone = "${var.aws_region}b"
 tags = {
- Name = "${var.app_name}-VPC-Subnet-2-App"
+ Name = "${var.app_name}-app-sub-1b"
 Environment = var.environment
 }
 }
-resource "aws_subnet" "tf_vpc_sub_b1" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_subnet" "db_1a" {
+ vpc_id = aws_vpc.main_vpc.id
 cidr_block = "${var.vpc_subnet_prefix}.10.0/24"
 availability_zone = "${var.aws_region}a"
 tags = {
- Name = "${var.app_name}-VPC-Subnet-1-DB"
+ Name = "${var.app_name}-db-sub-1a"
 Environment = var.environment
 }
 }
-resource "aws_subnet" "tf_vpc_sub_b2" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_subnet" "db_1b" {
+ vpc_id = aws_vpc.main_vpc.id
 cidr_block = "${var.vpc_subnet_prefix}.11.0/24"
 availability_zone = "${var.aws_region}b"
 tags = {
- Name = "${var.app_name}-VPC-Subnet-2-DB"
+ Name = "${var.app_name}-db-sub-1b"
 Environment = var.environment
 }
 }
-resource "aws_subnet" "tf_vpc_sub_c1" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_subnet" "web_1a" {
+ vpc_id = aws_vpc.main_vpc.id
 cidr_block = "${var.vpc_subnet_prefix}.20.0/24"
 availability_zone = "${var.aws_region}a"
 tags = {
- Name = "${var.app_name}-VPC-Subnet-1-Web"
+ Name = "${var.app_name}-web-sub-1a"
 Environment = var.environment
 }
 }
-resource "aws_subnet" "tf_vpc_sub_c2" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_subnet" "web_1b" {
+ vpc_id = aws_vpc.main_vpc.id
 cidr_block = "${var.vpc_subnet_prefix}.21.0/24"
 availability_zone = "${var.aws_region}b"
 tags = {
- Name = "${var.app_name}-VPC-Subnet-2-Web"
+ Name = "${var.app_name}-web-sub-1b"
 Environment = var.environment
 }
 }
-resource "aws_internet_gateway" "gw" {
- vpc_id = aws_vpc.tf_vpc.id
+resource "aws_internet_gateway" "igw" {
+ vpc_id = aws_vpc.main_vpc.id
 tags = {
- Name = "${var.app_name} Internet Gateway"
+ Name = "${var.app_name}-igw"
 Environment = var.environment
 }
 }
 resource "aws_default_route_table" "default" {
- default_route_table_id = aws_vpc.tf_vpc.default_route_table_id
+ default_route_table_id = aws_vpc.main_vpc.default_route_table_id
 route {
 cidr_block = "0.0.0.0/0"
- gateway_id = aws_internet_gateway.gw.id
+ gateway_id = aws_internet_gateway.igw.id
 }
 tags = {
- Name = "${var.app_name} Route Table"
+ Name = "${var.app_name}-rtb"
 Environment = var.environment
 }
+}
+
+resource "aws_route_table" "private" {
+ vpc_id = aws_vpc.main_vpc.id
+
+}
+
+resource "aws_route_table_association" "private_subnet_db_1a" {
+ subnet_id = aws_subnet.db_1a.id
+ route_table_id = aws_route_table.private.id
+}
+
+resource "aws_route_table_association" "private_subnet_db_1b" {
+ subnet_id = aws_subnet.db_1b.id
+ route_table_id = aws_route_table.private.id
 }
\ No newline at end of file
diff --git a/staging/01-sg.tf b/staging/01-sg.tf
index 88cd62c..0968ae0 100644
--- a/staging/01-sg.tf
+++ b/staging/01-sg.tf
@@ -1,7 +1,7 @@
-resource "aws_security_group" "tf-elb-web-sg" {
- name = "${var.app_name}-SG-Web-ELB"
+resource "aws_security_group" "web_elb_sg" {
+ name = "${var.app_name}-web-elb-sg"
 description = "Allow global inbound traffic"
- vpc_id = aws_vpc.tf_vpc.id
+ vpc_id = aws_vpc.main_vpc.id
 ingress {
 description = "HTTP"
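Review bot: Renaming `aws_vpc.tf_vpc` to `aws_vpc.main_vpc` (and likewise every subnet, the internet gateway, and the security groups and bucket renamed in 01-sg.tf and 10-s3.tf) changes the resource addresses, so without `moved` blocks or a `terraform state mv` the next plan will destroy and recreate the VPC and everything inside it instead of renaming it in state. If the Terraform release in use supports it (1.1 and later), add one `moved` block per renamed resource next to the new definitions. Separately, only `db_1a`/`db_1b` are associated with the new routeless `aws_route_table.private`; `app_1a`/`app_1b` still fall through to the main route table, which keeps the `0.0.0.0/0` route to the IGW, so if the app tier is meant to be internal (its ELB SG admits only the web SG) it needs the same associations, plus a NAT route on `private` if those hosts need outbound access. The stray empty line inside the `private` route table block can also go.
```hcl
moved {
  from = aws_vpc.tf_vpc
  to   = aws_vpc.main_vpc
}

moved {
  from = aws_subnet.tf_vpc_sub_a1
  to   = aws_subnet.app_1a
}

# … one moved block each for the remaining subnets, the internet gateway, the security groups and the S3 resources …

resource "aws_route_table_association" "private_subnet_app_1a" {
  subnet_id      = aws_subnet.app_1a.id
  route_table_id = aws_route_table.private.id
}

resource "aws_route_table_association" "private_subnet_app_1b" {
  subnet_id      = aws_subnet.app_1b.id
  route_table_id = aws_route_table.private.id
}
```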
@@ -34,64 +34,64 @@ resource "aws_security_group" "tf-elb-web-sg" {
 }
 egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
 cidr_blocks = [
 "0.0.0.0/0"
 ]
 }
 tags = {
- Name = "${var.app_name}-SG-WEB-ELB"
+ Name = "${var.app_name}-web-elb-sg"
 Environment = var.environment
 }
 }
-resource "aws_security_group" "tf-web-sg" {
- name = "${var.app_name}-SG-WEB"
+resource "aws_security_group" "web_sg" {
+ name = "${var.app_name}-web-sg"
 description = "Allow ELB inbound traffic"
- vpc_id = aws_vpc.tf_vpc.id
+ vpc_id = aws_vpc.main_vpc.id
 ingress {
- description = "HTTP"
- from_port = 80
- to_port = 80
- protocol = "tcp"
+ description = "HTTP"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
 security_groups = [
- aws_security_group.tf-elb-web-sg.id
+ aws_security_group.web_elb_sg.id
 ]
 }
 ingress {
- description = "HTTPs"
- from_port = 443
- to_port = 443
- protocol = "tcp"
+ description = "HTTPs"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
 security_groups = [
- aws_security_group.tf-elb-web-sg.id
+ aws_security_group.web_elb_sg.id
 ]
 }
 egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
 cidr_blocks = [
 "0.0.0.0/0"
 ]
 }
 tags = {
- Name = "${var.app_name}-SG-WEB"
+ Name = "${var.app_name}-web-sg"
 Environment = var.environment
 }
 }
-resource "aws_security_group" "tf-elb-app-sg" {
- name = "${var.app_name}-SG-APP-ELB"
+resource "aws_security_group" "app_elb_sg" {
+ name = "${var.app_name}-app-elb-sg"
 description = "Allow inbound traffic from Web instances"
- vpc_id = aws_vpc.tf_vpc.id
+ vpc_id = aws_vpc.main_vpc.id
 ingress {
 description = "HTTP"
@@ -99,7 +99,7 @@ resource "aws_security_group" "tf-elb-app-sg" {
 to_port = 80
 protocol = "tcp"
 security_groups = [
- aws_security_group.tf-web-sg.id
+ aws_security_group.web_sg.id
 ]
 }
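Review bot: The re-aligned egress blocks keep `protocol = "-1"` to `0.0.0.0/0` on both `web_elb_sg` and `web_sg`, so the care taken to admit ingress only from the ELB's SG is not matched on the way out; for `web_sg`, whose instances only need to reach the app ELB, egress could be narrowed to the VPC range, `cidr_blocks = ["${var.vpc_subnet_prefix}.0.0/16"]`, or to `app_elb_sg` via a standalone `aws_vpc_security_group_egress_rule` (an inline `security_groups` reference would form a cycle, since `app_elb_sg` already references `web_sg`), with any outbound the hosts need for updates added deliberately. The same egress pattern repeats in the -109 hunk for `app_elb_sg`, `app_sg` and `db_sg`. While these lines are being re-indented, the description typo could be fixed as well: `description = "HTTPS"`. The ingress rules of `web_elb_sg` start above this hunk, so whether "global inbound" really is `0.0.0.0/0` is not visible here.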
@@ -109,91 +109,91 @@ resource "aws_security_group" "tf-elb-app-sg" {
 to_port = 443
 protocol = "tcp"
 security_groups = [
- aws_security_group.tf-web-sg.id
+ aws_security_group.web_sg.id
 ]
 }
 egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
 cidr_blocks = [
 "0.0.0.0/0"
 ]
 }
 tags = {
- Name = "${var.app_name}-SG-APP-ELB"
+ Name = "${var.app_name}-app-elb-sg"
 Environment = var.environment
 }
 }
-resource "aws_security_group" "tf-app-sg" {
- name = "${var.app_name}-SG-APP"
+resource "aws_security_group" "app_sg" {
+ name = "${var.app_name}-app-sg"
 description = "Allow inbound traffic from Web instances"
- vpc_id = aws_vpc.tf_vpc.id
+ vpc_id = aws_vpc.main_vpc.id
 ingress {
- description = "HTTP"
- from_port = 80
- to_port = 80
- protocol = "tcp"
+ description = "HTTP"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
 security_groups = [
- aws_security_group.tf-elb-app-sg.id
+ aws_security_group.app_elb_sg.id
 ]
 }
 ingress {
- description = "HTTPs"
- from_port = 443
- to_port = 443
- protocol = "tcp"
+ description = "HTTPs"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
 security_groups = [
- aws_security_group.tf-elb-app-sg.id
+ aws_security_group.app_elb_sg.id
 ]
 }
 egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
 cidr_blocks = [
 "0.0.0.0/0"
 ]
 }
 tags = {
- Name = "${var.app_name}-SG-APP"
+ Name = "${var.app_name}-app-sg"
 Environment = var.environment
 }
 }
-resource "aws_security_group" "tf-db-sg" {
- name = "${var.app_name}-SG-DB"
+resource "aws_security_group" "db_sg" {
+ name = "${var.app_name}-db-sg"
 description = "Allow traffic from APP"
- vpc_id = aws_vpc.tf_vpc.id
+ vpc_id = aws_vpc.main_vpc.id
 ingress {
- description = "MySQL"
- from_port = 3306
- to_port = 3306
- protocol = "tcp"
+ description = "MySQL"
+ from_port = 3306
+ to_port = 3306
+ protocol = "tcp"
 security_groups = [
- aws_security_group.tf-app-sg.id
+ aws_security_group.app_sg.id
 ]
 }
 egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
 cidr_blocks = [
 "0.0.0.0/0"
 ]
 }
 tags = {
- Name = "${var.app_name}-SG-DB"
+ Name = "${var.app_name}-db-sg"
 Environment = var.environment
 }
 }
\ No newline at end of file
diff --git a/staging/10-s3.tf b/staging/10-s3.tf
index 7211a7d..a4e5f87 100644
--- a/staging/10-s3.tf
+++ b/staging/10-s3.tf
@@ -1,6 +1,5 @@
-resource "aws_s3_bucket" "tf-s3" {
+resource "aws_s3_bucket" "elb_logs_s3" {
 bucket = "${lower(var.app_name)}-elb-access-logs"
- acl = "private"
 force_destroy = true
 tags = {
@@ -9,8 +8,8 @@ resource "aws_s3_bucket" "tf-s3" {
 }
 }
-resource "aws_s3_bucket_policy" "tf-s3-policy" {
- bucket = aws_s3_bucket.tf-s3.id
+resource "aws_s3_bucket_policy" "elb_logs_s3_policy" {
+ bucket = aws_s3_bucket.elb_logs_s3.id
 policy = <
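Review bot: `app_sg`'s description still reads "Allow inbound traffic from Web instances" although both of its ingress rules admit only `app_elb_sg`, and the rename is the right moment to make it match: `description = "Allow inbound traffic from the app ELB"`. The `db_sg` egress block is re-indented but left at `protocol = "-1"` to `0.0.0.0/0`; a MySQL tier that only answers on 3306 from `app_sg` rarely needs unrestricted outbound, so consider limiting it to the VPC range, `cidr_blocks = ["${var.vpc_subnet_prefix}.0.0/16"]`, especially now that the DB subnets sit on a route table with no routes (00-vpc.tf), where the wide rule is only effectively inert because of routing rather than by design. The `"HTTPs"` descriptions in `app_sg` carry the same typo noted on the -34 hunk.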
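Review bot: Dropping `acl = "private"` is what the provider bump calls for (the inline `acl` argument of `aws_s3_bucket` has been deprecated since provider v4), but nothing in the new side replaces that explicit statement of intent, so the bucket's privacy now rests entirely on account and service defaults. Add an `aws_s3_bucket_public_access_block` for `aws_s3_bucket.elb_logs_s3` with all four settings enabled, and, if ACLs are not needed for log delivery, an `aws_s3_bucket_ownership_controls` set to `BucketOwnerEnforced`, so the posture is visible in code and survives a change of account defaults. `force_destroy = true` on an access-log bucket also means `terraform destroy` removes the logs; fine for staging if deliberate, but worth a one-line comment. The bucket policy that follows begins in the next hunk, which is cut off here.
```hcl
resource "aws_s3_bucket_public_access_block" "elb_logs_s3" {
  bucket                  = aws_s3_bucket.elb_logs_s3.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
```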