diff --git a/.github/workflows/autoupdate-pre-commit.yml b/.github/workflows/autoupdate-pre-commit.yml
new file mode 100644
index 0000000..2f57a96
--- /dev/null
+++ b/.github/workflows/autoupdate-pre-commit.yml
@@ -0,0 +1,24 @@
+name: Pre-commit auto-update
+
+on:
+ # every sunday at midnight
+ schedule:
+ - cron: "0 0 * * 0"
+ # on demand
+ workflow_dispatch:
+
+permissions:
+ actions: read
+ checks: read
+ contents: write #require this to write to repo
+ pull-requests: write #require this to create PR
+
+jobs:
+ auto-update:
+ runs-on:
+ - ubuntu-latest
+ steps:
+ - uses: SPHTech-Platform/gha-pre-commit-autoupdate@main
+ name: Update pre-commit config automatically
+ with:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/autoupdate-tflint-aws-plugin.yml b/.github/workflows/autoupdate-tflint-aws-plugin.yml
new file mode 100644
index 0000000..94f0995
--- /dev/null
+++ b/.github/workflows/autoupdate-tflint-aws-plugin.yml
@@ -0,0 +1,24 @@
+name: tflint aws plugin auto-update
+
+on:
+ # every sunday at midnight
+ schedule:
+ - cron: "0 0 * * 0"
+ # on demand
+ workflow_dispatch:
+
+permissions:
+ actions: read
+ checks: read
+ contents: write #require this to write to repo
+ pull-requests: write #require this to create PR
+
+jobs:
+ auto-update:
+ runs-on:
+ - ubuntu-latest
+ steps:
+ - uses: SPHTech-Platform/gha-tflint-aws-plugin-autoupdate@main
+ name: Update tflint aws plugin automatically
+ with:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 0000000..f11d560
--- /dev/null
+++ b/.tflint.hcl
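Review bot: The step `uses: SPHTech-Platform/gha-pre-commit-autoupdate@main` tracks a mutable branch while the workflow grants `contents: write` and `pull-requests: write`, so any later push to that action's `main` runs here with a write-capable token on the next scheduled run. Pin the action to a full commit SHA, e.g. `uses: SPHTech-Platform/gha-pre-commit-autoupdate@<full-commit-sha>  # <release-tag>`, and let a dependency updater bump the pin. The same applies to `SPHTech-Platform/gha-tflint-aws-plugin-autoupdate@main` in autoupdate-tflint-aws-plugin.yml. The `permissions` block in both files is set at workflow level; moving it under the `auto-update` job, and dropping `actions: read` and `checks: read` if the action turns out not to need them, keeps the token scope minimal.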
@@ -0,0 +1,59 @@
+plugin "aws" {
+ enabled = true
+ version = "0.23.1"
+ source = "github.com/terraform-linters/tflint-ruleset-aws"
+}
+
+rule "terraform_deprecated_interpolation" {
+ enabled = true
+}
+
+rule "terraform_documented_outputs" {
+ enabled = true
+}
+
+rule "terraform_documented_variables" {
+ enabled = true
+}
+
+rule "terraform_module_pinned_source" {
+ enabled = true
+}
+
+rule "terraform_typed_variables" {
+ enabled = true
+}
+
+rule "terraform_required_version" {
+ enabled = false
+}
+
+rule "terraform_required_providers" {
+ enabled = true
+}
+
+rule "terraform_standard_module_structure" {
+ enabled = false
+}
+
+rule "terraform_unused_declarations" {
+ enabled = true
+}
+
+rule "terraform_unused_required_providers" {
+ enabled = true
+}
+
+# rule "aws_resource_missing_tags" {
+# enabled = true
+# tags = [
+# "cost-cen",
+# "env",
+# "owner",
+# "hello",
+# ]
+# }
+
+rule "terraform_naming_convention" {
+ enabled = true
+}
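Review bot: `terraform_required_version` and `terraform_standard_module_structure` are switched off with no stated reason, so a later reader cannot tell whether that is deliberate or left over. Add a one-line comment above each, such as `# disabled: <reason>`, or enable `terraform_required_version` so that modules must declare the Terraform versions they support. The commented-out `aws_resource_missing_tags` block still lists `"hello"`, which looks like a placeholder; either finish the tag list and enable the rule, or drop the block so the file does not carry dead configuration.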