diff --git a/.github/workflows/OS.tfvars b/.github/workflows/OS.tfvars
deleted file mode 100644
index 0285721..0000000
--- a/.github/workflows/OS.tfvars
+++ /dev/null
@@ -1,9 +0,0 @@
-# Amazon Linux 2
-ami_id = "ami-03e0b06f01d45a4eb"
-ami_os = "AmazonLinux2"
-ami_username = "ec2-user"
-ami_user_home = "/home/ec2-user"
-instance_tags = {
- Name = "Amazon2-CIS"
- Environment = "lockdown_github_repo_workflow"
-}
diff --git a/.github/workflows/github_networks.tf b/.github/workflows/github_networks.tf
deleted file mode 100644
index 998cb76..0000000
--- a/.github/workflows/github_networks.tf
+++ /dev/null
@@ -1,53 +0,0 @@
-resource "aws_vpc" "Main" {
- cidr_block = var.main_vpc_cidr
- instance_tenancy = "default"
- tags = {
- Environment = "${var.environment}"
- Name = "${var.namespace}-VPC"
- }
-}
-
-resource "aws_internet_gateway" "IGW" {
- vpc_id = aws_vpc.Main.id
- tags = {
- Environment = "${var.environment}"
- Name = "${var.namespace}-IGW"
- }
-}
-
-resource "aws_subnet" "publicsubnets" {
- vpc_id = aws_vpc.Main.id
- cidr_block = var.public_subnets
- availability_zone = var.availability_zone
- tags = {
- Environment = "${var.environment}"
- Name = "${var.namespace}-pubsub"
- }
-}
-
-resource "aws_subnet" "Main" {
- vpc_id = aws_vpc.Main.id
- availability_zone = var.availability_zone
- cidr_block = var.private_subnets
- tags = {
- Environment = "${var.environment}"
- Name = "${var.namespace}-prvsub"
- }
-}
-
-resource "aws_route_table" "PublicRT" {
- vpc_id = aws_vpc.Main.id
- route {
- cidr_block = "0.0.0.0/0"
- gateway_id = aws_internet_gateway.IGW.id
- }
- tags = {
- Environment = "${var.environment}"
- Name = "${var.namespace}-publicRT"
- }
-}
-
-resource "aws_route_table_association" "rt_associate_public" {
- subnet_id = aws_subnet.Main.id
- route_table_id = aws_route_table.PublicRT.id
-}
diff --git a/.github/workflows/github_vars.tfvars b/.github/workflows/github_vars.tfvars
deleted file mode 100644
index 3ea5253..0000000
--- a/.github/workflows/github_vars.tfvars +++ /dev/null @@ -1,13 +0,0 @@ -// github_actions variables -// Resourced in github_networks.tf -// Declared in variables.tf -// - -namespace = "github_actions" -environment = "lockdown_github_repo_workflow" - -// Matching pair name found in AWS for keypairs PEM key -ami_key_pair_name = "github_actions" -main_vpc_cidr = "172.22.0.0/24" -public_subnets = "172.22.0.128/26" -private_subnets = "172.22.0.192/26" diff --git a/.github/workflows/linux_benchmark_testing.yml b/.github/workflows/linux_benchmark_testing.yml index d028118..c56fa39 100644 --- a/.github/workflows/linux_benchmark_testing.yml +++ b/.github/workflows/linux_benchmark_testing.yml @@ -36,18 +36,31 @@ jobs: build: # The type of runner that the job will run on runs-on: ubuntu-latest - env: - ENABLE_DEBUG: false - - # Steps represent a sequence of tasks that will be executed as part of the job + ENABLE_DEBUG: ${{ vars.ENABLE_DEBUG || 'false' }} + OSVAR: AMAZON2 + BENCHMARK_TYPE: CIS + # Imported as a variable by terraform + TF_VAR_repository: ${{ github.event.repository.name }} + defaults: + run: + shell: bash + working-directory: .github/workflows/github_linux_IaC + + # Steps represent a sequence of tasks that will be executed as part of the job steps: - # Checks-out your repository under $GITHUB_WORKSPACE, - # so your job can access it - - uses: actions/checkout@v3 + - name: Clone ${{ github.event.repository.name }} + uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} + # Pull in terraform code for linux servers + - name: Clone github IaC plan + uses: actions/checkout@v3 + with: + repository: ansible-lockdown/github_linux_IaC + path: .github/workflows/github_linux_IaC + - name: Add_ssh_key working-directory: .github/workflows env: 
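Review bot: The second checkout pulls `ansible-lockdown/github_linux_IaC` with no `ref:`, so whatever sits on that repository's default branch at run time is the Terraform code that the later apply step executes with `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` in its environment; add a `ref:` pinned to a tag or commit SHA under that `with:` block so a change to (or compromise of) that repository cannot turn into credential exfiltration from this workflow. The same applies to `actions/checkout@v3`, which is a mutable tag rather than a SHA. The first checkout keeps `ref: ${{ github.event.pull_request.head.sha }}`; that is acceptable under a `pull_request` trigger, but if the trigger (outside this hunk, in lines 1–35) is `pull_request_target`, the PR author's tree would be checked out into a job that holds those secrets and the SSH private key. The `build` job starts before this hunk and continues after it.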
@@ -59,40 +72,59 @@ jobs: echo $PRIVATE_KEY > .ssh/github_actions.pem chmod 600 .ssh/github_actions.pem - ### Build out the server + - name: DEBUG - Show IaC files + if: env.ENABLE_DEBUG == 'true' + run: | + echo "OSVAR = $OSVAR" + echo "benchmark_type = $benchmark_type" + pwd + ls + env: + # Imported from github variables this is used to load the relvent OS.tfvars file + OSVAR: ${{ env.OSVAR }} + benchmark_type: ${{ env.BENCHMARK_TYPE }} + - name: Terraform_Init - working-directory: .github/workflows + id: init run: terraform init + env: + # Imported from github variables this is used to load the relvent OS.tfvars file + OSVAR: ${{ env.OSVAR }} + TF_VAR_benchmark_type: ${{ env.BENCHMARK_TYPE }} - name: Terraform_Validate - working-directory: .github/workflows + id: validate run: terraform validate + env: + # Imported from github variables this is used to load the relvent OS.tfvars file + OSVAR: ${{ env.OSVAR }} + TF_VAR_benchmark_type: ${{ env.BENCHMARK_TYPE }} - name: Terraform_Apply - working-directory: .github/workflows + id: apply env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - run: terraform apply -var-file "OS.tfvars" -var-file "github_vars.tfvars" --auto-approve -input=false + OSVAR: ${{ vars.OSVAR }} + TF_VAR_benchmark_type: ${{ env.BENCHMARK_TYPE }} + run: terraform apply -var-file "github_vars.tfvars" -var-file "${OSVAR}.tfvars" --auto-approve -input=false - ## Debug Section + ## Debug Section - name: DEBUG - Show Ansible hostfile if: env.ENABLE_DEBUG == 'true' - working-directory: .github/workflows run: cat hosts.yml - # Aws deployments taking a while to come up insert sleep or playbook fails + # Aws deployments taking a while to come up insert sleep or playbook fails - name: Sleep for 60 seconds run: sleep 60s - shell: bash - # Run the ansible playbook + # Run the ansible playbook - name: Run_Ansible_Playbook - uses: arillso/action.playbook@master + uses: 
ansible-lockdown/action.playbook@main with: playbook: site.yml - inventory: .github/workflows/hosts.yml + inventory: .github/workflows/github_linux_IaC/hosts.yml galaxy_file: collections/requirements.yml private_key: ${{ secrets.SSH_PRV_KEY }} # verbose: 3 @@ -100,12 +132,13 @@ jobs: ANSIBLE_HOST_KEY_CHECKING: "false" ANSIBLE_DEPRECATION_WARNINGS: "false" - # Remove test system - User secrets to keep if necessary + # Remove test system - User secrets to keep if necessary - name: Terraform_Destroy - working-directory: .github/workflows if: always() && env.ENABLE_DEBUG == 'false' env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - run: terraform destroy -var-file "github_vars.tfvars" -var-file "OS.tfvars" --auto-approve -input=false + OSVAR: ${{ env.OSVAR }} + TF_VAR_benchmark_type: ${{ env.BENCHMARK_TYPE }} + run: terraform destroy -var-file "github_vars.tfvars" -var-file "${OSVAR}.tfvars" --auto-approve -input=false diff --git a/.github/workflows/main.tf b/.github/workflows/main.tf deleted file mode 100644 index 16dfdf6..0000000 --- a/.github/workflows/main.tf +++ /dev/null 
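Review bot: `uses: ansible-lockdown/action.playbook@main` references a moving branch, and the step hands that action `private_key: ${{ secrets.SSH_PRV_KEY }}` plus the inventory for the freshly built instance, so anyone who can push to that branch can capture the key; pin it to a commit SHA (`uses: ansible-lockdown/action.playbook@<sha>`) and bump it deliberately. Separately, Terraform_Apply sets `OSVAR: ${{ vars.OSVAR }}` while Terraform_Init, Terraform_Validate and Terraform_Destroy all use `${{ env.OSVAR }}` (the job-level `AMAZON2`); if the repository variable is unset the apply runs `-var-file ".tfvars"` and fails, and if it is set to something else apply and destroy load different tfvars files. Change the apply step to `OSVAR: ${{ env.OSVAR }}`, or drop the job-level default and use `vars.OSVAR` in every step. The `build` job continues beyond this hunk.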
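Review bot: The destroy guard `if: always() && env.ENABLE_DEBUG == 'false'` only fires on the exact string `false`, while the debug steps fire only on the exact string `true`; now that `ENABLE_DEBUG` comes from `vars.ENABLE_DEBUG`, a value such as `True`, `yes` or `1` skips both the debug output and the teardown, leaving the test instance running with AWS spend and the `github_actions` key pair attached until someone notices. Invert the check to `if: always() && env.ENABLE_DEBUG != 'true'` so anything other than an explicit debug opt-in still destroys. The deleted main.tf opened port 22 to `0.0.0.0/0`; if the replacement IaC repository does the same (not visible here), an orphaned instance is an internet-reachable SSH host on the account, which argues for a scheduled cleanup keyed on the workflow's `Environment` tag. Whether the job continues after this step is not visible in the hunk.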
@@ -1,82 +0,0 @@
-provider "aws" {
- profile = ""
- region = var.aws_region
-}
-
-// Create a security group with access to port 22 and port 80 open to serve HTTP traffic
-
-
-resource "random_id" "server" {
- keepers = {
- # Generate a new id each time we switch to a new AMI id
- ami_id = "${var.ami_id}"
- }
-
- byte_length = 8
-}
-
-resource "aws_security_group" "github_actions" {
- name = "${var.namespace}-${random_id.server.hex}-SG"
- vpc_id = aws_vpc.Main.id
-
- ingress {
- from_port = 22
- to_port = 22
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
-
- ingress {
- from_port = 80
- to_port = 80
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
- tags = {
- Environment = "${var.environment}"
- Name = "${var.namespace}-SG"
- }
-}
-
-// instance setup
-
-resource "aws_instance" "testing_vm" {
- ami = var.ami_id
- availability_zone = var.availability_zone
- associate_public_ip_address = true
- key_name = var.ami_key_pair_name # This is the key as known in the ec2 key_pairs
- instance_type = var.instance_type
- tags = var.instance_tags
- vpc_security_group_ids = [aws_security_group.github_actions.id]
- subnet_id = aws_subnet.Main.id
- root_block_device {
- delete_on_termination = true
- }
-}
-
-// generate inventory file
-resource "local_file" "inventory" {
- filename = "./hosts.yml"
- directory_permission = "0755"
- file_permission = "0644"
- content = <