diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml index b4daf88c8..1c8d4408d 100644 --- a/.github/workflows/pipeline.yaml +++ b/.github/workflows/pipeline.yaml @@ -5,15 +5,14 @@ on: branches: - rule-sets-DTSPO-17918 +env: + TF_LOG: INFO + permissions: id-token: write contents: read - actions: write -env: - TF_LOG: INFO - -jobs: +jobs: deploy-infra: runs-on: ubuntu-latest steps: @@ -34,31 +33,8 @@ jobs: run: | az account show - - name: Install jq - run: | - sudo apt-get install jq -y - - - name: Debug Repositories and Branches - run: | - echo "Checking Repositories and Branches" - cat ./test-repos.json - for repo in $(jq -r '.[]' ./test-repos.json); do - echo "Checking repository: $repo" - curl -H "Authorization: token ${{ secrets.PAT_TOKEN }}" \ - -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/hmcts/$repo - - for branch in main master; do - echo "Checking branch: $branch in repository: $repo" - curl -H "Authorization: token ${{ secrets.PAT_TOKEN }}" \ - -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/hmcts/$repo/branches/$branch - done - done - - - name: Terraform Init and Plan - id: plan - working-directory: ./components + - name: Terraform Init + working-directory: components env: STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }} CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} 
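Review bot: `TF_LOG: INFO` in the top-level `env:` block applies to every step of every job, so Terraform and provider log output lands in the Actions run log, which anyone with read access to the repository can view. If the verbosity is only needed while debugging, set it on the Terraform steps alone or drop it, and mark it with a comment such as `# temporary debug logging; remove before merging to the default branch`. The `permissions:` block in the same hunk is also workflow-wide; if more jobs are added later, `id-token: write` is better declared on `deploy-infra` only.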
@@ -66,19 +42,20 @@ jobs: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - GITHUB_TOKEN: ${{ secrets.PAT_TOKEN}} - run: | - terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" - terraform plan -out=tfplan + run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" + + - name: Terraform Plan + working-directory: components + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + run: terraform plan -var-file="components/terraform.tfvars" - - name: Terraform apply - working-directory: ./components - id: apply + - name: Terraform Apply + working-directory: components env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }} - run: terraform apply -auto-approve tfplan - - + run: terraform apply -var-file="components/terraform.tfvars" -auto-approve
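Review bot: The Terraform Apply step no longer applies what the Terraform Plan step showed: `terraform plan` runs without `-out`, and `terraform apply -var-file=... -auto-approve` builds a fresh plan, so the unattended apply can differ from the plan output in the log. Keeping the saved plan closes that gap: `run: terraform plan -out=tfplan` followed by `run: terraform apply -auto-approve tfplan`. Both steps also set `working-directory: components` while passing `-var-file="components/terraform.tfvars"`, which is resolved from the working directory and so points at `components/components/terraform.tfvars`; a file named `terraform.tfvars` in `components/` is loaded automatically and needs no flag. The hunk drops `GITHUB_TOKEN` from the plan and apply steps, so if the configuration uses the GitHub provider (not visible here) it presumably needs another credential source. The `deploy-infra` job's step list starts above this hunk.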