diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 000000000..63b4da632
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,138 @@
+name: "Vprofile IAC"
+
+on:
+
+ push:
+ branches: ["main","stage"]
+ pull_request:
+ branches: ["main"]
+env:
+ AWS_ACCESS_KEY_ID : ${{secrets.AWS_ACCESS_KEY_ID}}
+ AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
+ BUCKET_TF_STATE: ${{secrets.BUCKET_TF_STATE}}
+ AWS_REGION: us-east-1
+ EKS_CLUSTER: vprofile-eks
+ TF_VERSION: 1.6.3
+ WORKING_DIRECTORY: terraform
+permissions:
+ issues: write
+ contents: read
+ pull-requests: write
+
+jobs:
+ scan-terraform-config:
+ name: "Scan terraform with Checkov"
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout source code
+ uses: actions/checkout@v4
+
+ - name: Run Checkov
+ id: checkov
+ uses: bridgecrewio/checkov-action@master
+ with:
+ directory: ${{env.WORKING_DIRECTORY}}
+ soft_fail: true
+
+
+
+ deploy-infra-terraform:
+ name: "Apply terraform code changes"
+ runs-on: ubuntu-latest
+ environment: production
+ needs: [scan-terraform-config] # create the dependance for the job 01
+ defaults:
+ run:
+ shell: bash
+ working-directory: ${{env.WORKING_DIRECTORY}}
+
+ steps:
+ - name: Checkout source code
+ uses: actions/checkout@v4
+
+ - name: Setup terraform with specified version on the runner
+ uses: hashicorp/setup-terraform@v1
+ with:
+ terraform_version: "${{env.TF_VERSION}}"
+ # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
+ - name: Terraform Init
+ id: init
+ run: terraform init -backend-config="bucket=$BUCKET_TF_STATE"
+
+ # Checks that all Terraform configuration files adhere to a canonical format
+ - name: Terraform Format
+ id: fmt
+ run: terraform fmt -check
+
+ - name: Terraform validate
+ id: validate
+ run: terraform validate -no-color
+
+ # Generates an execution plan for Terraform
+ - name: Terraform Plan
+ id: plan
+ # -input=false -out plan.out
+ if: github.event_name == 'pull_request'
+ run: terraform plan -no-color
+ continue-on-error: true
+
+ - name: Terraform plan status
+ if: steps.plan.outcome == 'failure'
+ run: exit 1
+
+ - name: Add terraform plan comment
+ id: comment
+ uses: actions/github-script@v6
+ if: github.event_name == 'pull_request'
+ env:
+ PLAN: "terraform\n${{steps.plan.outputs.stdout}}"
+ with:
+ github-token: ${{secrets.GITHUB_TOKEN}}
+ # , Working Directory: \`${{ env.tf_actions_working_dir }}\`
+ script: |
+ const output = `#### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
+ #### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
+ #### Terraform Validation 🤖${{ steps.validate.outputs.stdout }}
+ #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
+
+
Show Plan + + \`\`\`${process.env.PLAN}\`\`\` + +
+
+ *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Workflow: \`${{ github.workflow }}\`*`;
+
+ github.rest.issues.createComment({
+ issue_number: context.issue.number,
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: output
+ })
+
+ - name: Terraform apply
+ id: appl
+ if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+ run: terraform destroy -auto-approve
+ # -input=false -parallelism=1 plan.out
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-region: ${{env.AWS_REGION}}
+ aws-access-key-id: ${{secrets.AWS_ACCESS_KEY_ID}}
+ aws-secret-access-key: ${{secrets.AWS_SECRET_ACCESS_KEY}}
+
+ - name: Get K8s config file
+ id: getconfig
+ if: steps.appl.outcome == 'success'
+ run: aws eks update-kubeconfig --region ${{env.AWS_REGION}} --name ${{env.EKS_CLUSTER}}
+
+ - name: Install ingress controller
+ if: steps.appl.outcome == 'success' && steps.getconfig.outcome == 'success'
+ run: kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.3/deploy/static/provider/aws/deploy.yaml
+
+
+
+
diff --git a/README.md b/README.md
index dcd659f7e..cdf0276e2 100644
--- a/README.md
+++ b/README.md
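Review bot: The step with `id: appl`, named "Terraform apply" and gated on `github.ref == 'refs/heads/main' && github.event_name == 'push'`, runs `terraform destroy -auto-approve`, so every merge to main tears the environment down and the two steps conditioned on `steps.appl.outcome == 'success'` then try to fetch a kubeconfig for a cluster that no longer exists; it should read `run: terraform apply -auto-approve -input=false` (the flags the commented line beneath it already lists), and note that no plan file exists on push because the plan step only runs on `pull_request`. In the github-script step, `${{ steps.validate.outputs.stdout }}` is expanded directly inside the JavaScript template literal while `PLAN` is correctly passed through `env:`; validate output can reflect the PR's `.tf` files, so a backtick or `${` in it corrupts or alters the script — pass it the same way, e.g. `VALIDATE: ${{ steps.validate.outputs.stdout }}` under `env:` and `${process.env.VALIDATE}` in the literal. `bridgecrewio/checkov-action@master` is a mutable ref and `soft_fail: true` makes the scan advisory, so the `needs: [scan-terraform-config]` gate can never block a deploy; pin the action to a tag or commit SHA and decide whether findings should fail the job. The static `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` are exported at workflow `env:` level to every job and step, including the third-party scan action, and the `configure-aws-credentials` step that would scope them runs only after apply; move credential setup before `terraform init`, restrict the keys to the deploy job, and prefer OIDC (`role-to-assume` with `id-token: write`) over long-lived keys.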
@@ -1,15 +1,66 @@ -# Terraform code +# Terraform -## Maintain vpc & eks with terraform for vprofile project +## goals -## Tools required -Terraform version 1.6.3 +### . Automation the provisioning of the infra +. Supporting the different architecture(iaas,saas,paas) +. managing anything via API +. managing any cloud provider and one premise (technology agnostic) -### Steps -* terraform init -* terraform fmt -check -* terraform validate -* terraform plan -out planfile -* terraform apply -auto-approve -input=false -parallelism=1 planfile -#### -##### + + +## Benefits + +### .Time management +. Reduce human error +. code versioning +. scalability +. Separate the planning from excecutions (dry-run) + + +## workflow + +### terraform init + +- what happens ? + + - Initialize the working directory + - Downloads the necessary providers and modules + - prepare the backend of state file + +### terraform plan + +- what happens ? + + - Checks the configurations files + - Compares those with the current state ( state of your infrastructure) + - Shows a preview of the changes to be made + +### terraform apply + +- what happens ? + + - Provisions the resources on your Cloud provider (AWS) + - Update the state file + +## Different backend (use to store the state file) + +### Local backend (inside my computer) + +### Remote Backend (HCP, s3, azure blob storage, consul ...) + +## CRUD + +### CUD + +- Create the resouce +- Update the resource +- Delete the resource + +### R + +- Read the resource + +## State locking + +*XMind - Trial Version* diff --git a/terraform/main.tf b/terraform/main.tf index 94b6fc75a..c34b12c20 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -13,4 +13,4 @@ locals { cluster_name = var.clusterName } -## \ No newline at end of file +### \ No newline at end of file diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 67b75c673..5b636d6bd 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf 
@@ -27,13 +27,13 @@ terraform { } backend "s3" { - bucket = "gitopsterrastate" - key = "terraform.tfstate" - region = "us-east-2" + bucket = "vprofileaction3" + key = "dev/terraform.tfstate" + region = "us-east-1" } required_version = "~> 1.6.3" } ## ## -## +###### diff --git a/terraform/variables.tf b/terraform/variables.tf index a41d982a0..d19424a8e 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -1,11 +1,11 @@ variable "region" { description = "AWS region" type = string - default = "us-east-2" + default = "us-east-1" } variable "clusterName" { description = "Name of the EKS cluster" type = string - default = "kitops-eks" + default = "vprofile-eks" }
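Review bot: The rewritten `backend "s3"` block still carries only `bucket`, `key` and `region`, with no `encrypt = true` and no `dynamodb_table`, so Terraform requests no server-side encryption on the state object (bucket defaults aside) and holds no state lock, while the workflow's `push` trigger on both `main` and `stage` allows concurrent runs against the same state; add `encrypt = true` and `dynamodb_table = "<lock-table-name>"` (placeholder) so the backend locks before plan and apply. The hard-coded `bucket = "vprofileaction3"` is also overridden at runtime by the workflow's `-backend-config="bucket=$BUCKET_TF_STATE"`, so if that secret and this value diverge the state silently lives in a bucket other than the one the code declares; either drop `bucket` here and rely on the partial configuration, or document that the secret must match. The new key `dev/terraform.tfstate` is labelled `dev` while the deploy job declares `environment: production`; worth confirming that is intentional.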