diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 4491cc0..e36c3fb 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -16,12 +16,20 @@ jobs:
 uses: hashicorp/setup-terraform@v1
 - name: Initialize Terraform
- run: terraform init -upgrade
+ run: terraform init \
+ -backend-config="bucket=${{ secrets.TF_VAR_BUCKET }}" \
+ -backend-config="region=${{ secrets.AWS_DEFAULT_REGION }}" \
 working-directory: infra/provisioning
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
 - name: Terraform Plan
 run: terraform plan -lock-timeout=600s -compact-warnings -out=plan.tfplan
 working-directory: infra/provisioning
+ env:
+ TF_VAR_key_pair: ${{ secrets.TF_VAR_KEY_PAIR }}
 - name: Upload Terraform Plan Artifact
 uses: actions/upload-artifact@v3
diff --git a/infra/provisioning/00-inputs.tf b/infra/provisioning/00-inputs.tf
index c76c03b..ff76da2 100644
--- a/infra/provisioning/00-inputs.tf
+++ b/infra/provisioning/00-inputs.tf
@@ -1,40 +1,42 @@
 variable "region" {
 description = "AWS region"
+ default = "eu-north-1"
 type = string
 }
 variable "bucket" {
 description = "S3 bucket name to store Terraform state"
- type = string
-}
-
-variable "key" {
- description = "Path to store Terraform state within the S3 bucket"
+ default = "gbfs-terraform-state"
 type = string
 }
 variable "vpc_cidr_block" {
 description = "CIDR block for the VPC"
+ default = "10.0.0.0/16"
 type = string
 }
 variable "subnet_cidr_block" {
 description = "CIDR block for the subnet"
+ default = "10.0.1.0/24"
 type = string
 }
 variable "env_name" {
 description = "Environment name (e.g., dev, prod)"
+ default = "dev"
 type = string
 }
 variable "ami_id" {
 description = "AMI ID for EC2 instance"
+ default = "ami-0c6da69dd16f45f72"
 type = string
 }
 variable "instance_type" {
 description = "EC2 instance type"
+ default = "t3.micro"
 type = string
 }
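Review bot: The `Initialize Terraform` step is given long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` secrets in its own `env`, while the `Terraform Plan` step receives only `TF_VAR_key_pair`, so unless the credentials are also set at job level outside this hunk the plan has nothing to authenticate to AWS or the S3 backend with. Prefer short-lived credentials from GitHub's OIDC federation (an assumed role via `aws-actions/configure-aws-credentials` with `permissions: id-token: write`), configured once for the job instead of static keys copied per step. Separately, `run: terraform init \` has no block-scalar indicator, so YAML folds the continuation lines into one and the command ends in a dangling `\`; write it as `run: |` and drop the final backslash. The plan file written here is uploaded as an artifact by the following step and can hold sensitive values in cleartext, so keep its `retention-days` short and limit who can read workflow artifacts.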
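Review bot: The new `ami_id` default hard-codes `ami-0c6da69dd16f45f72`, which pins every deployment to one region-specific image whose owner and patch level cannot be checked from this file. Resolve the image with a `data "aws_ami"` lookup restricted by `owners`, or leave `ami_id` without a default so each environment has to choose one, and add a comment recording what the image is. The `bucket` default also commits the state bucket name that the workflow passes as `secrets.TF_VAR_BUCKET`, so the name is no longer confidential and the two values can drift apart; keep a single source for it.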
diff --git a/infra/provisioning/02-providers.tf b/infra/provisioning/02-providers.tf
index 64f9af9..e036eb2 100644
--- a/infra/provisioning/02-providers.tf
+++ b/infra/provisioning/02-providers.tf
@@ -5,7 +5,7 @@ provider "aws" {
 terraform {
 backend "s3" {
 bucket = var.bucket
- key = var.key
+ key = "terraform.tfstate"
 region = var.region
 }
 }
diff --git a/infra/provisioning/03-modules.tf b/infra/provisioning/03-modules.tf
index 4926846..0a46302 100644
--- a/infra/provisioning/03-modules.tf
+++ b/infra/provisioning/03-modules.tf
@@ -16,7 +16,7 @@ module "ec2" {
 ami_id = var.ami_id
 instance_type = var.instance_type
 subnet_id = module.network.subnet_id
- security_group_id = module.security_group.security_group_id
+ security_group_name = module.security_group.security_group_name
 key_pair = var.key_pair
 env_name = var.env_name
 depends_on = [
diff --git a/infra/provisioning/modules/ec2/01-inputs.tf b/infra/provisioning/modules/ec2/01-inputs.tf
index 64ecb4b..cdaf14a 100644
--- a/infra/provisioning/modules/ec2/01-inputs.tf
+++ b/infra/provisioning/modules/ec2/01-inputs.tf
@@ -13,8 +13,8 @@ variable "subnet_id" {
 type = string
 }
-variable "security_group_id" {
- description = "ID of the security group"
+variable "security_group_name" {
+ description = "Name of the security group"
 type = string
 }
diff --git a/infra/provisioning/modules/ec2/02-instance.tf b/infra/provisioning/modules/ec2/02-instance.tf
index d9d8fff..d248738 100644
--- a/infra/provisioning/modules/ec2/02-instance.tf
+++ b/infra/provisioning/modules/ec2/02-instance.tf
@@ -1,9 +1,14 @@
 resource "aws_instance" "gbfs_monitoring" {
+ lifecycle {
+ ignore_changes = [
+ security_groups
+ ]
+ }
 ami = var.ami_id
 instance_type = var.instance_type
 subnet_id = var.subnet_id
 key_name = var.key_pair
- security_groups = [var.security_group_id]
+ security_groups = [var.security_group_name]
 associate_public_ip_address = true
 tags = {
 Name = "${var.env_name}-gbfs-monitoring-instance"
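Review bot: `bucket = var.bucket` and `region = var.region` are still in the `backend "s3"` block, and Terraform does not accept variable references in backend configuration, so `terraform init` is expected to reject them even with the `-backend-config` flags the workflow now passes. Remove both lines and rely on the partial configuration, keeping only the literal `key`. Because the state file stores resource attributes in cleartext, also set `encrypt = true` and configure state locking (`dynamodb_table`); the workflow's `-lock-timeout=600s` has no effect without a lock.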
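Review bot: Passing the security group by name instead of by ID is the wrong direction for an instance launched with a `subnet_id`: the `security_groups` argument of `aws_instance` takes group names for EC2-Classic or the default VPC, while in a custom VPC (which `vpc_cidr_block` suggests this is) groups are attached through `vpc_security_group_ids`, which takes IDs. Keep `security_group_id = module.security_group.security_group_id` here and change the instance to `vpc_security_group_ids = [var.security_group_id]`. The same applies to the matching renames in `modules/ec2/01-inputs.tf`, `modules/ec2/02-instance.tf` and `modules/security_group/03-outputs.tf`. The `module "ec2"` block starts and ends outside this hunk.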
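Review bot: The added `lifecycle { ignore_changes = [security_groups] }` stops Terraform from reconciling this instance's security group attachment, so a group that is added or swapped outside Terraform will not appear in any later plan. It reads like a workaround for the repeated diff that `security_groups` tends to produce on a VPC instance; with `vpc_security_group_ids = [var.security_group_id]` the `lifecycle` block can be removed and drift stays visible. If the block has to stay, add a comment such as `# security_groups ignored: <reason>; attachments are not drift-checked`. The resource body continues past the end of the hunk.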
diff --git a/infra/provisioning/modules/security_group/03-outputs.tf b/infra/provisioning/modules/security_group/03-outputs.tf
index 012d709..7a45452 100644
--- a/infra/provisioning/modules/security_group/03-outputs.tf
+++ b/infra/provisioning/modules/security_group/03-outputs.tf
@@ -1,3 +1,3 @@
-output "security_group_id" {
- value = aws_security_group.main.id
+output "security_group_name" {
+ value = aws_security_group.main.name
 }