diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b0b23f1..7f008c0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,6 +6,9 @@ on: tags: - "v*" +permissions: + contents: write + jobs: release: uses: appvia/appvia-cicd-workflows/.github/workflows/terraform-module-release.yml@main diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 5917566..78c24e8 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -7,17 +7,20 @@ on: pull_request: branches: - main - - vnext + +permissions: + contents: read + pull-requests: write jobs: - budgets-module-validation: + budgets-validation: uses: appvia/appvia-cicd-workflows/.github/workflows/terraform-module-validation.yml@main - name: Budgets Module Validation + name: Budgets Validation with: working-directory: modules/budgets - team-budgets-module-validation: + team-budgets-validation: uses: appvia/appvia-cicd-workflows/.github/workflows/terraform-module-validation.yml@main - name: Team Budgets Module Validation + name: Team Budgets Validation with: working-directory: modules/team-budgets diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100644 index 0000000..b5b09d5 --- /dev/null +++ b/.terraform.lock.hcl 
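Review bot: The `uses:` line under `release:` still references `terraform-module-release.yml@main`, so the `contents: write` token added in this hunk is handed to whatever commit that branch points at when the `v*` tag trigger fires. Pinning the reusable workflow to a full commit SHA keeps the write scope tied to reviewed code, e.g. `uses: appvia/appvia-cicd-workflows/.github/workflows/terraform-module-release.yml@<full-commit-sha>`. The same `@main` reference is on both `uses:` lines in `.github/workflows/terraform.yml`, which now runs with `pull-requests: write`. A comment above the block would also help, such as `# contents: write lets the release workflow publish the GitHub release`; that reason is presumed, so confirm it against the called workflow.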
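Review bot: The new job names `Budgets Validation` and `Team Budgets Validation` change the status-check names reported on pull requests, so any branch-protection rule that still requires `Budgets Module Validation` or `Team Budgets Module Validation` needs updating in the same change. Whether such a rule exists is not visible here; if one is dropped rather than renamed, the validation stops being enforced on `main`. The workflow-level `pull-requests: write` applies to both jobs, so I would document it next to the block, e.g. `# pull-requests: write lets the validation workflow comment on the PR`, after confirming that is what the called workflow uses it for.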
@@ -0,0 +1,24 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.45.0" + hashes = [ + "h1:8m3+C1VNevzU/8FsABoKp2rTOx3Ue7674INfhfk0TZY=", + "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368", + "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e", + "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6", + "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54", + "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe", + "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c", + "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a", + "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2", + "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7", + "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487", + "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814", + "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693", + "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a", + ] +} diff --git a/.tflint.hcl b/.tflint.hcl index 27499dc..5a98d00 100644 --- a/.tflint.hcl +++ b/.tflint.hcl @@ -9,6 +9,7 @@ config { force = false } + rule "terraform_required_providers" { enabled = true } diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..4948230 --- /dev/null +++ b/Makefile 
@@ -0,0 +1,98 @@
+#
+# Copyright (C) 2024 Appvia Ltd
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+#
+AUTHOR_EMAIL=info@appvia.io
+
+.PHONY: all security lint format documentation documentation-examples validate-all validate validate-examples init
+
+default: all
+
+all:
+ $(MAKE) init
+ $(MAKE) validate
+ $(MAKE) lint
+ $(MAKE) security
+ $(MAKE) format
+ $(MAKE) documentation
+
+documentation:
+ @echo "--> Generating documentation"
+ @terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .
+ $(MAKE) documentation-examples
+
+documentation-examples:
+ @echo "--> Generating documentation examples"
+ @find examples -type d -mindepth 1 -maxdepth 1 -exec terraform-docs markdown table --output-file README.md --output-mode inject {} \;
+
+init:
+ @echo "--> Running terraform init"
+ @terraform init -backend=false
+
+security:
+ @echo "--> Running Security checks"
+ @tfsec .
+ $(MAKE) security-examples
+
+security-examples:
+ @echo "--> Running Security checks on examples"
+ @find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
+ echo "--> Validating $$dir"; \
+ tfsec $$dir; \
+ done
+
+validate-all:
+ @echo "--> Running all validation checks"
+ $(MAKE) validate
+ $(MAKE) validate-examples
+
+validate:
+ @echo "--> Running terraform validate"
+ @terraform init -backend=false
+ @terraform validate
+ $(MAKE) validate-examples
+
+validate-examples:
+ @echo "--> Running terraform validate on examples"
+ @find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
+ echo "--> Validating $$dir"; \
+ terraform -chdir=$$dir init; \
+ terraform -chdir=$$dir validate; \
+ done
+
+lint:
+ @echo "--> Running tflint"
+ @tflint --init
+ @tflint -f compact
+ $(MAKE) lint-examples
+
+lint-examples:
+ @echo "--> Running tflint on examples"
+ @find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
+ echo "--> Linting $$dir"; \
+ tflint --chdir=$$dir --init; \
+ tflint --chdir=$$dir -f compact; \
+ done
+
+format:
+ @echo "--> Running terraform fmt"
+ @terraform fmt -recursive -write=true
+
+clean:
+ @echo "--> Cleaning up"
+ @find . -type d -name ".terraform" | while read -r dir; do \
+ echo "--> Removing $$dir"; \
+ rm -rf $$dir; \
+ done
diff --git a/examples/budgets/README.md b/examples/budgets/README.md
new file mode 100644
index 0000000..a497071
--- /dev/null
+++ b/examples/budgets/README.md
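Review bot: In `security-examples` the `while read` loop runs `tfsec $$dir;` without checking its exit status, so the recipe's result is that of the last directory scanned, and a finding in an earlier example still lets `make security` pass. Failing inside the loop closes that gap: `tfsec "$$dir" || exit 1; \`. `validate-examples` and `lint-examples` have the same shape (`terraform -chdir=$$dir validate;`, `tflint --chdir=$$dir -f compact;`) and need the same `|| exit 1` on each command. Separately, the `.PHONY` list omits `security-examples`, `lint-examples`, `clean` and `default`.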
@@ -0,0 +1,41 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.0.0 | +| [aws](#requirement\_aws) | >= 5.0.0 | +| [awscc](#requirement\_awscc) | >= 0.11.0 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | >= 5.0.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [budgets](#module\_budgets) | ../../modules/budgets | n/a | + +## Resources + +| Name | Type | +|------|------| +| [aws_secretsmanager_secret.notification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret) | data source | +| [aws_secretsmanager_secret_version.notification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/secretsmanager_secret_version) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [budgets](#input\_budgets) | A collection of budgets to provision |
list(object({
name = string
budget_type = optional(string, "COST")
limit_amount = optional(string, "100.0")
limit_unit = optional(string, "PERCENTAGE")
time_unit = optional(string, "MONTHLY")

notification = optional(object({
comparison_operator = string
threshold = number
threshold_type = string
notification_type = string
}), null)

auto_adjust_data = optional(list(object({
auto_adjust_type = string
})), [])

cost_filter = optional(list(object({
name = string
values = list(string)
})), [])

cost_types = optional(object({
include_credit = optional(bool, false)
include_discount = optional(bool, false)
include_other_subscription = optional(bool, false)
include_recurring = optional(bool, false)
include_refund = optional(bool, false)
include_subscription = optional(bool, false)
include_support = optional(bool, false)
include_tax = optional(bool, false)
include_upfront = optional(bool, false)
use_blended = optional(bool, false)
}), {
include_credit = false
include_discount = false
include_other_subscription = false
include_recurring = false
include_refund = false
include_subscription = true
include_support = false
include_tax = false
include_upfront = false
use_blended = false
})
}))
| `[]` | no | +| [notification\_emails](#input\_notification\_emails) | A list of email addresses to notify when a budget exceeds its threshold | `list(string)` | `[]` | no | +| [notification\_secret\_name](#input\_notification\_secret\_name) | The name of the secret containing the email address to notify when a budget exceeds its threshold | `string` | `"notification/secret"` | no | +| [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no | + +## Outputs + +No outputs. + \ No newline at end of file