diff --git a/.github/workflows/label-issues.yml b/.github/workflows/label-issues.yml
index 6180bd9..55c284d 100644
--- a/.github/workflows/label-issues.yml
+++ b/.github/workflows/label-issues.yml
@@ -16,7 +16,7 @@ jobs:
       issues: write
     steps:
       - name: Label issues
-        uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
+        uses: andymckay/labeler@3a4296e9dcdf9576b0456050db78cfd34853f260
         with:
           add-labels: "network-access-control"
           repo-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/terraform-apply.yaml b/.github/workflows/terraform-apply.yaml
index f573754..70ef11a 100644
--- a/.github/workflows/terraform-apply.yaml
+++ b/.github/workflows/terraform-apply.yaml
@@ -57,7 +57,7 @@ jobs:
 
     # Install the specified version of Terraform CLI
     - name: Setup Terraform
-      uses: hashicorp/setup-terraform@v2
+      uses: hashicorp/setup-terraform@v3
       with:
         terraform_version: ${{ env.TFVERSION }}
 
diff --git a/Makefile b/Makefile
index 3ccd4ff..5e86ab1 100644
--- a/Makefile
+++ b/Makefile
@@ -112,6 +112,14 @@ refresh: ## terraform refresh
 output: ## terraform output (make output OUTPUT_ARGUMENT='--raw dns_dhcp_vpc_id')
 	$(DOCKER_RUN) /bin/bash -c "terraform output -no-color ${OUTPUT_ARGUMENT}"
 
+.PHONY: output-bastion-rds-admin
+output-bastion-rds-admin: ## terraform output (make output-bastion-rds-admin)
+	$(DOCKER_RUN) /bin/bash -c "terraform output -no-color -json rds_bastion | jq -r .admin[][]"
+
+.PHONY: output-bastion-rds-server
+output-bastion-rds-server: ## terraform output (make output-bastion-rds-server)
+	$(DOCKER_RUN) /bin/bash -c "terraform output -no-color -json rds_bastion | jq -r .server[][]"
+
 .PHONY: apply
 apply: ## terraform apply
 	$(DOCKER_RUN) /bin/bash -c "terraform apply"
diff --git a/bastion-rds-admin.tf b/bastion-rds-admin.tf
index 3bc0b60..b0c1487 100644
--- a/bastion-rds-admin.tf
+++ b/bastion-rds-admin.tf
@@ -11,7 +11,6 @@ module "rds_admin_bastion" {
   vpc_cidr_block              = module.admin_vpc.vpc.vpc_cidr_block
   private_subnets             = module.admin_vpc.public_subnets
   security_group_ids          = [module.admin.security_group_ids.admin_ecs]
-  ami_name                    = "diso-devops/bastion/rds-admin/ubuntu-jammy-22.04-amd64-server-1.0.1"
   number_of_bastions          = 1
   assume_role                 = local.s3-mojo_file_transfer_assume_role_arn
   associate_public_ip_address = false
diff --git a/bastion-rds-servers.tf b/bastion-rds-servers.tf
index 5cdd9b7..09c6f7b 100644
--- a/bastion-rds-servers.tf
+++ b/bastion-rds-servers.tf
@@ -11,7 +11,6 @@ module "rds_servers_bastion" {
   vpc_cidr_block              = module.radius_vpc.vpc.vpc_cidr_block
   private_subnets             = module.radius_vpc.private_subnets
   security_group_ids          = [module.radius.security_group_ids.radius_server]
-  ami_name                    = "diso-devops/bastion/rds-admin/ubuntu-jammy-22.04-amd64-server-1.0.1"
   number_of_bastions          = 1
   assume_role                 = local.s3-mojo_file_transfer_assume_role_arn
   associate_public_ip_address = false
diff --git a/modules/bastion/bastion.tf b/modules/bastion/bastion.tf
index ec9d3c4..67f004e 100644
--- a/modules/bastion/bastion.tf
+++ b/modules/bastion/bastion.tf
@@ -34,15 +34,9 @@ data "aws_ami" "ubuntu" {
     values = ["${var.ami_name}"]
   }
 
-  filter {
-    name   = "virtualization-type"
-    values = ["hvm"]
+  tags = {
+    deploy_to_all_environments = "True"
   }
 
-  #   filter {
-  #   name = "tag:env_${terraform.workspace}"
-  #   values = ["true"]
-  # }
-
-  owners = ["683290208331"] # shared services accunt
+  owners = ["683290208331"] # shared services account
 }
diff --git a/modules/bastion/outputs.tf b/modules/bastion/outputs.tf
new file mode 100644
index 0000000..5c97cff
--- /dev/null
+++ b/modules/bastion/outputs.tf
@@ -0,0 +1,3 @@
+output "bastion" {
+  value = aws_instance.bastion[*].id
+}
diff --git a/modules/bastion/variables.tf b/modules/bastion/variables.tf
index d838d62..7ad4ccd 100644
--- a/modules/bastion/variables.tf
+++ b/modules/bastion/variables.tf
@@ -46,7 +46,7 @@ variable "security_group_ids" {
 variable "ami_name" {
   type        = string
   description = "The ami name"
-  default     = "diso-devops/bastion/rds-admin/ubuntu-jammy-22.04-amd64-server-1.0.1"
+  default     = "diso-devops/bastion/ubuntu-jammy-22.04-amd64-server-generic-*"
 }
 
 variable "assume_role" {
diff --git a/outputs.tf b/outputs.tf
index 27abe49..9114432 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -24,3 +24,10 @@ output "terraform_outputs" {
     }
   }
 }
+
+output "rds_bastion" {
+  value = {
+    admin  = module.rds_admin_bastion[*].bastion
+    server = module.rds_servers_bastion[*].bastion
+  }
+}