diff --git a/terraform/environments/delius-core/dms.tf b/terraform/environments/delius-core/dms.tf
index 3b81d14500d..b6b073d0e49 100644
--- a/terraform/environments/delius-core/dms.tf
+++ b/terraform/environments/delius-core/dms.tf
@@ -4,10 +4,10 @@ module "dms" {
   account_info   = local.account_info
   tags           = local.tags
   env_name       = local.environment
-  dms_config     = lookup(local.dms_config, terraform.workspace, {
-                          replication_instance_class = "dms.t3.small"
-                          engine_version             = "3.5.1"
-                   })
+  dms_config = lookup(local.dms_config, terraform.workspace, {
+    replication_instance_class = "dms.t3.small"
+    engine_version             = "3.5.1"
+  })
   providers = {
     aws                    = aws
     aws.bucket-replication = aws
@@ -15,14 +15,14 @@ module "dms" {
 }
 
 locals {
-    dms_config = {
-        "delius-core-development" = {
-            replication_instance_class = "dms.t3.small"
-            engine_version             = "3.5.1"
-        }
-         "delius-core-test" = {
-            replication_instance_class = "dms.t3.medium"
-            engine_version             = "3.5.1"
-        }
+  dms_config = {
+    "delius-core-development" = {
+      replication_instance_class = "dms.t3.small"
+      engine_version             = "3.5.1"
     }
+    "delius-core-test" = {
+      replication_instance_class = "dms.t3.medium"
+      engine_version             = "3.5.1"
+    }
+  }
 }
\ No newline at end of file
diff --git a/terraform/environments/delius-core/modules/helpers/delius_microservice/ecs.tf b/terraform/environments/delius-core/modules/helpers/delius_microservice/ecs.tf
index 3559bf0241b..3ca74ce02c2 100644
--- a/terraform/environments/delius-core/modules/helpers/delius_microservice/ecs.tf
+++ b/terraform/environments/delius-core/modules/helpers/delius_microservice/ecs.tf
@@ -23,10 +23,10 @@ module "container_definition" {
 }
 
 module "ecs_policies" {
-  source       = "../ecs_policies"
-  env_name     = var.env_name
-  service_name = var.name
-  tags         = var.tags
+  source                   = "../ecs_policies"
+  env_name                 = var.env_name
+  service_name             = var.name
+  tags                     = var.tags
   extra_task_role_policies = var.extra_task_role_policies
 }
 
diff --git a/terraform/environments/delius-core/modules/helpers/delius_microservice/locals.tf b/terraform/environments/delius-core/modules/helpers/delius_microservice/locals.tf
index de7c6bd5bc4..cf0096fb700 100644
--- a/terraform/environments/delius-core/modules/helpers/delius_microservice/locals.tf
+++ b/terraform/environments/delius-core/modules/helpers/delius_microservice/locals.tf
@@ -45,7 +45,7 @@ locals {
 
   rds_secrets = var.rds_password_secret_variable != "" ? {
     (var.rds_password_secret_variable) = "${aws_db_instance.this[0].master_user_secret[0].secret_arn}:password::"
-    (var.rds_user_secret_variable) = "${aws_db_instance.this[0].master_user_secret[0].secret_arn}:username::"
+    (var.rds_user_secret_variable)     = "${aws_db_instance.this[0].master_user_secret[0].secret_arn}:username::"
   } : {}
 
   elasticache_env_vars = var.elasticache_endpoint_environment_variable != "" ? {
diff --git a/terraform/environments/delius-core/modules/helpers/delius_microservice/outputs.tf b/terraform/environments/delius-core/modules/helpers/delius_microservice/outputs.tf
index b98507fdeda..c63accd2571 100644
--- a/terraform/environments/delius-core/modules/helpers/delius_microservice/outputs.tf
+++ b/terraform/environments/delius-core/modules/helpers/delius_microservice/outputs.tf
@@ -15,7 +15,7 @@ output "task_role_arn" {
 }
 
 output "elasticache_endpoint" {
-  value = var.create_elasticache ? aws_elasticache_cluster.this[0].cache_nodes[0].address : null  
+  value = var.create_elasticache ? aws_elasticache_cluster.this[0].cache_nodes[0].address : null
 }
 
 output "elasticache_port" {
diff --git a/terraform/environments/delius-core/patch_manager.tf b/terraform/environments/delius-core/patch_manager.tf
index 46a0cfddc2f..16166c76b8c 100644
--- a/terraform/environments/delius-core/patch_manager.tf
+++ b/terraform/environments/delius-core/patch_manager.tf
@@ -3,8 +3,8 @@ module "ssm-auto-patching" {
   providers = {
     aws.bucket-replication = aws
   }
-  account_number             = local.environment_management.account_ids[terraform.workspace]
-  application_name           = local.application_name
+  account_number   = local.environment_management.account_ids[terraform.workspace]
+  application_name = local.application_name
   tags = merge(
     local.tags,
     {
diff --git a/terraform/environments/delius-jitbit/lb.tf b/terraform/environments/delius-jitbit/lb.tf
index 5896a3d1e46..414f1d7114a 100644
--- a/terraform/environments/delius-jitbit/lb.tf
+++ b/terraform/environments/delius-jitbit/lb.tf
@@ -31,7 +31,7 @@ resource "aws_security_group" "load_balancer_security_group" {
   name_prefix = "${local.application_name}-loadbalancer-security-group"
   description = "controls access to lb"
   vpc_id      = data.aws_vpc.shared.id
-  
+
   tags = merge(
     local.tags,
     {
@@ -40,13 +40,13 @@ resource "aws_security_group" "load_balancer_security_group" {
   )
 
   lifecycle {
-    create_before_destroy = true 
+    create_before_destroy = true
   }
 }
 
 resource "aws_vpc_security_group_ingress_rule" "load_balancer_ingress_rule" {
   for_each          = toset(local.internal_security_group_cidrs)
-  description = "Allow ingress from allow listed CIDRs"
+  description       = "Allow ingress from allow listed CIDRs"
   security_group_id = aws_security_group.load_balancer_security_group.id
   from_port         = 443
   to_port           = 443
@@ -56,7 +56,7 @@ resource "aws_vpc_security_group_ingress_rule" "load_balancer_ingress_rule" {
 
 resource "aws_vpc_security_group_ingress_rule" "load_balancer_ingress_rule_ipv6" {
   for_each          = toset(local.ipv6_cidr_blocks)
-  description = "Allow ingress from allow listed CIDRs"
+  description       = "Allow ingress from allow listed CIDRs"
   security_group_id = aws_security_group.load_balancer_security_group.id
   from_port         = 443
   to_port           = 443
@@ -66,12 +66,12 @@ resource "aws_vpc_security_group_ingress_rule" "load_balancer_ingress_rule_ipv6"
 
 resource "aws_vpc_security_group_egress_rule" "load_balancer_egress_rule" {
   for_each          = toset([data.aws_subnet.private_subnets_a.cidr_block, data.aws_subnet.private_subnets_b.cidr_block, data.aws_subnet.private_subnets_c.cidr_block])
-  description = "Allow egress to ECS instances"
+  description       = "Allow egress to ECS instances"
   security_group_id = aws_security_group.load_balancer_security_group.id
   from_port         = local.app_port
   to_port           = local.app_port
-  ip_protocol          = "tcp"
-  cidr_ipv4 = each.value
+  ip_protocol       = "tcp"
+  cidr_ipv4         = each.value
 }
 
 resource "aws_lb_listener" "listener" {
diff --git a/terraform/environments/delius-jitbit/locals.tf b/terraform/environments/delius-jitbit/locals.tf
index 69817a3bdf3..561d1ffa9e0 100644
--- a/terraform/environments/delius-jitbit/locals.tf
+++ b/terraform/environments/delius-jitbit/locals.tf
@@ -37,7 +37,7 @@ locals {
   internal_security_group_cidrs = distinct(flatten([
     module.ip_addresses.moj_cidrs.trusted_moj_digital_staff_public,
     module.ip_addresses.moj_cidrs.trusted_moj_enduser_internal,
-    module.ip_addresses.moj_cidrs.trusted_mojo_public, 
+    module.ip_addresses.moj_cidrs.trusted_mojo_public,
     module.ip_addresses.moj_cidr.ark_dc_external_internet,
     module.ip_addresses.moj_cidr.vodafone_dia_networks,
     module.ip_addresses.moj_cidr.palo_alto_primsa_access_corporate,
@@ -55,13 +55,13 @@ locals {
     ]
   ]))
 
-    ipv6_cidr_blocks = [
-      # Route53 Healthcheck Access Cidrs IPv6
-      "2406:da18:7ff:f800::/53",  # ap-southeast-1 Region
-      "2406:da18:fff:f800::/53",  # ap-southeast-1 Region
-      "2a05:d018:fff:f800::/53",  # eu-west-1 Region
-      "2a05:d018:7ff:f800::/53",  # eu-west-1 Region
-      "2600:1f18:7fff:f800::/53", # us-east-1 Region
-      "2600:1f18:3fff:f800::/53", # us-east-1 Region
-    ]
+  ipv6_cidr_blocks = [
+    # Route53 Healthcheck Access Cidrs IPv6
+    "2406:da18:7ff:f800::/53",  # ap-southeast-1 Region
+    "2406:da18:fff:f800::/53",  # ap-southeast-1 Region
+    "2a05:d018:fff:f800::/53",  # eu-west-1 Region
+    "2a05:d018:7ff:f800::/53",  # eu-west-1 Region
+    "2600:1f18:7fff:f800::/53", # us-east-1 Region
+    "2600:1f18:3fff:f800::/53", # us-east-1 Region
+  ]
 }
diff --git a/terraform/environments/delius-jitbit/sandbox_lb.tf b/terraform/environments/delius-jitbit/sandbox_lb.tf
index 1a5059a1db4..d268ab5d0ee 100644
--- a/terraform/environments/delius-jitbit/sandbox_lb.tf
+++ b/terraform/environments/delius-jitbit/sandbox_lb.tf
@@ -1,5 +1,5 @@
 resource "aws_lb_listener_rule" "listener_rule" {
-  count = local.is-development ? 1 : 0
+  count        = local.is-development ? 1 : 0
   listener_arn = aws_lb_listener.listener.arn
   priority     = 10
 
diff --git a/terraform/environments/delius-jitbit/ses_bounce.tf b/terraform/environments/delius-jitbit/ses_bounce.tf
index 0d2fd5a3d01..6b0484daaf9 100644
--- a/terraform/environments/delius-jitbit/ses_bounce.tf
+++ b/terraform/environments/delius-jitbit/ses_bounce.tf
@@ -40,9 +40,9 @@ resource "aws_lambda_function" "bounce_email_notification" {
 
   environment {
     variables = {
-      RATE_LIMIT = 5
+      RATE_LIMIT     = 5
       DYNAMODB_TABLE = aws_dynamodb_table.bounce_email_notification.name
-      FROM_ADDRESS = "notifications@${aws_sesv2_email_identity.jitbit.email_identity}"
+      FROM_ADDRESS   = "notifications@${aws_sesv2_email_identity.jitbit.email_identity}"
     }
   }
 
@@ -83,7 +83,7 @@ data "aws_iam_policy_document" "lambda_policy_bounce_email_notification" {
     ]
     resources = ["arn:aws:logs:*:*:*"]
   }
-  
+
   statement {
     actions = [
       "dynamodb:PutItem",
@@ -124,18 +124,18 @@ resource "aws_cloudwatch_log_group" "bounce_email_notification" {
 
 
 resource "aws_dynamodb_table" "bounce_email_notification" {
-  name           = "bounce_email_notification"
-  billing_mode   = "PAY_PER_REQUEST"
-  hash_key       = "email_ticket_id"
+  name         = "bounce_email_notification"
+  billing_mode = "PAY_PER_REQUEST"
+  hash_key     = "email_ticket_id"
 
   server_side_encryption {
-    enabled = true
+    enabled     = true
     kms_key_arn = data.aws_kms_key.general_shared.arn
   }
 
   ttl {
     attribute_name = "expireAt"
-    enabled = true
+    enabled        = true
   }
 
   attribute {
diff --git a/terraform/environments/delius-nextcloud/modules/components/nextcloud/ecs_service.tf b/terraform/environments/delius-nextcloud/modules/components/nextcloud/ecs_service.tf
index a61a5fb61b8..d7392d7ca4e 100644
--- a/terraform/environments/delius-nextcloud/modules/components/nextcloud/ecs_service.tf
+++ b/terraform/environments/delius-nextcloud/modules/components/nextcloud/ecs_service.tf
@@ -90,8 +90,8 @@ module "nextcloud_service" {
   db_ingress_security_groups = [aws_security_group.cluster.id]
 
   rds_endpoint_environment_variable         = "MYSQL_HOST"
-  rds_password_secret_variable = "MYSQL_PASSWORD"
-  rds_user_secret_variable     = "MYSQL_USER"
+  rds_password_secret_variable              = "MYSQL_PASSWORD"
+  rds_user_secret_variable                  = "MYSQL_USER"
   elasticache_endpoint_environment_variable = "REDIS_HOST"
 
   container_vars_default = {
@@ -100,7 +100,7 @@ module "nextcloud_service" {
     REDIS_PASSWORD            = "password"
     NEXTCLOUD_ADMIN_USER      = "admin"
     NEXTCLOUD_TRUSTED_DOMAINS = aws_route53_record.nextcloud_external.fqdn
-    S3_BUCKET_CONFIG  = module.s3_bucket_config.bucket.id
+    S3_BUCKET_CONFIG          = module.s3_bucket_config.bucket.id
   }
   container_vars_env_specific = {}
 
diff --git a/terraform/environments/delius-nextcloud/modules/components/nextcloud/s3.tf b/terraform/environments/delius-nextcloud/modules/components/nextcloud/s3.tf
index e02acbd4a51..c4762342b4a 100644
--- a/terraform/environments/delius-nextcloud/modules/components/nextcloud/s3.tf
+++ b/terraform/environments/delius-nextcloud/modules/components/nextcloud/s3.tf
@@ -5,7 +5,7 @@ module "s3_bucket_config" {
     aws.bucket-replication = aws
   }
 
-  bucket_prefix     = "${var.env_name}-config"
+  bucket_prefix      = "${var.env_name}-config"
   versioning_enabled = true
   sse_algorithm      = "AES256"
   # Useful guide - https://aws.amazon.com/blogs/storage/how-to-use-aws-datasync-to-migrate-data-between-amazon-s3-buckets/
@@ -18,7 +18,7 @@ module "s3_bucket_config" {
     principals = {
       type = "AWS"
       identifiers = [
-          module.nextcloud_service.task_role_arn,
+        module.nextcloud_service.task_role_arn,
       ]
     }
   }]
@@ -65,9 +65,9 @@ resource "aws_ssm_parameter" "nextcloud_secret" {
   type  = "SecureString"
   value = "replace_me"
   lifecycle {
-    ignore_changes = [ 
+    ignore_changes = [
       value
-     ]
+    ]
   }
 }
 
@@ -81,29 +81,29 @@ resource "aws_s3_object" "config" {
   content = templatefile("${path.module}/templates/nextcloud-conf.json.tftpl",
     {
       nextcloud_passwordsalt = random_password.nextcloud_password_salt.result,
-      nextcloud_secret = data.aws_ssm_parameter.nextcloud_secret.value,
-      nextcloud_id = "nextcloud",
+      nextcloud_secret       = data.aws_ssm_parameter.nextcloud_secret.value,
+      nextcloud_id           = "nextcloud",
       redis = {
         host = module.nextcloud_service.elasticache_endpoint
         port = module.nextcloud_service.elasticache_port
       },
       mail = {
-        server = "replace"
+        server       = "replace"
         from_address = "replace"
-        domain = "replace"
+        domain       = "replace"
       }
       nextcloud_s01ldap_agent_password = "replace"
-      fileshare_user_base = "replace"
-      standard_user_base = "replace"
-      fs_group_prefix = "replace"
-      ldap_host = "ldap.dev.delius-core.hmpps-development.modernisation-platform.internal"
-      pwm_url = "pwm.dev.delius-core.hmpps-development.modernisation-platform.service.justice.gov.uk"
+      fileshare_user_base              = "replace"
+      standard_user_base               = "replace"
+      fs_group_prefix                  = "replace"
+      ldap_host                        = "ldap.dev.delius-core.hmpps-development.modernisation-platform.internal"
+      pwm_url                          = "pwm.dev.delius-core.hmpps-development.modernisation-platform.service.justice.gov.uk"
 
       fileshare_base_groups = "replace"
-      fileshare_user_base = "replace"
-      standard_user_base = "replace"
+      fileshare_user_base   = "replace"
+      standard_user_base    = "replace"
 
-      ldap_user = "cn=admin,ou=Users,dc=moj,dc=com"
+      ldap_user                        = "cn=admin,ou=Users,dc=moj,dc=com"
       nextcloud_s01ldap_agent_password = "replace"
     }
   )
diff --git a/terraform/environments/delius-nextcloud/modules/environment/nextcloud.tf b/terraform/environments/delius-nextcloud/modules/environment/nextcloud.tf
index 1280d16a4c5..a845dfeffb0 100644
--- a/terraform/environments/delius-nextcloud/modules/environment/nextcloud.tf
+++ b/terraform/environments/delius-nextcloud/modules/environment/nextcloud.tf
@@ -4,7 +4,7 @@ module "nextcloud" {
   providers = {
     aws.core-network-services = aws.core-network-services
     aws.core-vpc              = aws.core-vpc
-    aws                    = aws
+    aws                       = aws
   }
 
   env_name      = "dev"