diff --git a/terraform/infrastructure/s940/prod/acr/.env.template b/terraform/infrastructure/s940/prod/acr/.env.template
index a89379dd6..dde8f75fa 100644
--- a/terraform/infrastructure/s940/prod/acr/.env.template
+++ b/terraform/infrastructure/s940/prod/acr/.env.template
@@ -11,10 +11,10 @@ key="acr/terraform.tfstate" # dev.radixtfexample.terraform.tfstate
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
diff --git a/terraform/infrastructure/s940/prod/keyvaults/.env.template b/terraform/infrastructure/s940/prod/keyvaults/.env.template
index 2d48d7b26..34ac783ee 100644
--- a/terraform/infrastructure/s940/prod/keyvaults/.env.template
+++ b/terraform/infrastructure/s940/prod/keyvaults/.env.template
@@ -11,10 +11,10 @@ key="keyvaults/terraform.tfstate"
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
diff --git a/terraform/infrastructure/s940/prod/logicapps/.env.template b/terraform/infrastructure/s940/prod/logicapps/.env.template
index 46bb7131e..9b946d8b4 100644
--- a/terraform/infrastructure/s940/prod/logicapps/.env.template
+++ b/terraform/infrastructure/s940/prod/logicapps/.env.template
@@ -11,10 +11,10 @@ key="logicapps/terraform.tfstate"
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
diff --git a/terraform/infrastructure/s940/prod/managedidentity/.env.template b/terraform/infrastructure/s940/prod/managedidentity/.env.template
index 170359db6..6df9dffe4 100644
--- a/terraform/infrastructure/s940/prod/managedidentity/.env.template
+++ b/terraform/infrastructure/s940/prod/managedidentity/.env.template
@@ -11,10 +11,10 @@ key="managedidentity/terraform.tfstate"
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
diff --git a/terraform/infrastructure/s940/prod/mysql/.env.template b/terraform/infrastructure/s940/prod/mysql/.env.template
index 589e4951d..c8193ce44 100644
--- a/terraform/infrastructure/s940/prod/mysql/.env.template
+++ b/terraform/infrastructure/s940/prod/mysql/.env.template
@@ -11,10 +11,10 @@ key="mysql/terraform.tfstate"
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
diff --git a/terraform/infrastructure/s940/prod/networkmanager/.env.template b/terraform/infrastructure/s940/prod/networkmanager/.env.template
index 1a31e1d20..1d21e9f76 100644
--- a/terraform/infrastructure/s940/prod/networkmanager/.env.template
+++ b/terraform/infrastructure/s940/prod/networkmanager/.env.template
@@ -14,7 +14,7 @@ key="networkmanager/terraform.tfstate"
 client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
\ No newline at end of file
diff --git a/terraform/infrastructure/s940/prod/policy/.env.template b/terraform/infrastructure/s940/prod/policy/.env.template
index dfd988c3f..abad901d5 100644
--- a/terraform/infrastructure/s940/prod/policy/.env.template
+++ b/terraform/infrastructure/s940/prod/policy/.env.template
@@ -14,7 +14,7 @@ key="policy/terraform.tfstate"
 client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
diff --git a/terraform/infrastructure/s940/prod/resourcegroups/.env.template b/terraform/infrastructure/s940/prod/resourcegroups/.env.template
index 94f722890..48453404c 100644
--- a/terraform/infrastructure/s940/prod/resourcegroups/.env.template
+++ b/terraform/infrastructure/s940/prod/resourcegroups/.env.template
@@ -11,7 +11,7 @@ key="resourcegroups/terraform.tfstate" # dev.radixtfexample.terraform.tfstate
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
 client_secret="" # ar-radix-platform-github-dev-cluster-maintenance secret
diff --git a/terraform/infrastructure/s940/prod/sqldatabases/.env.template b/terraform/infrastructure/s940/prod/sqldatabases/.env.template
index 7c1cd17db..af01710bf 100644
--- a/terraform/infrastructure/s940/prod/sqldatabases/.env.template
+++ b/terraform/infrastructure/s940/prod/sqldatabases/.env.template
@@ -11,10 +11,10 @@ key="sqldatabase/terraform.tfstate"
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
-client_secret="" # ar-radix-platform-github-platform-cluster-maintenance secret
+client_secret="" # OP-Terraform-Github Action secret
 
 subscription_id="ded7ca41-37c8-4085-862f-b11d21ab341a" # S940-Omnia-Radix-Production
 tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
\ No newline at end of file
diff --git a/terraform/infrastructure/s940/prod/storageaccounts/.env.template b/terraform/infrastructure/s940/prod/storageaccounts/.env.template
index d55518066..c4be543c8 100644
--- a/terraform/infrastructure/s940/prod/storageaccounts/.env.template
+++ b/terraform/infrastructure/s940/prod/storageaccounts/.env.template
@@ -11,7 +11,7 @@ key="storageaccounts/terraform.tfstate" # dev.radixtfexample.terraform.tfstate
 # Configure the Microsoft Azure Provider
 
 # service principal client_id
-client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # ar-radix-platform-github-platform-cluster-maintenance
+client_id="043e5510-738f-4c30-8b9d-ee32578c7fe8" # OP-Terraform-Github Action
 
 # service principal client_secret
 client_secret="" # ar-radix-platform-github-dev-cluster-maintenance secret
diff --git a/terraform/infrastructure/s940/prod/storageaccounts/main.tf b/terraform/infrastructure/s940/prod/storageaccounts/main.tf
index 100487dda..c0624540d 100644
--- a/terraform/infrastructure/s940/prod/storageaccounts/main.tf
+++ b/terraform/infrastructure/s940/prod/storageaccounts/main.tf
@@ -33,12 +33,12 @@ locals {
 }
 
 data "azurerm_key_vault" "keyvault_env" {
-  name                = "radix-vault-${var.RADIX_ZONE}"
+  name                = var.KV_RADIX_VAULT
   resource_group_name = var.AZ_RESOURCE_GROUP_COMMON
 }
 
 data "azurerm_key_vault_secret" "whitelist_ips" {
-  name         = "acr-whitelist-sa-${var.RADIX_ZONE}"
+  name         = "acr-whitelist-ips-${var.RADIX_ZONE}"
   key_vault_id = data.azurerm_key_vault.keyvault_env.id
 }
 
diff --git a/terraform/infrastructure/s940/prod/storageaccounts/variables.tf b/terraform/infrastructure/s940/prod/storageaccounts/variables.tf
index 2d05d6ac0..bdfe83946 100644
--- a/terraform/infrastructure/s940/prod/storageaccounts/variables.tf
+++ b/terraform/infrastructure/s940/prod/storageaccounts/variables.tf
@@ -52,6 +52,14 @@ variable "storage_accounts" {
   default = {}
 }
 
+variable "resource_groups" {
+  type = map(object({
+    name     = string                          # Mandatory
+    location = optional(string, "northeurope") # Optional
+  }))
+  default = {}
+}
+
 variable "virtual_networks" {
   type = map(object({
     name    = optional(string, "vnet-hub")
@@ -68,10 +76,7 @@ variable "private_link" {
   default = null
 }
 
-variable "resource_groups" {
-  type = map(object({
-    name     = string                          # Mandatory
-    location = optional(string, "northeurope") # Optional
-  }))
-  default = {}
+variable "KV_RADIX_VAULT" {
+  description = "Radix keyvault"
+  type        = string
 }
diff --git a/terraform/infrastructure/s941/dev/storageaccounts/.env.template b/terraform/infrastructure/s941/dev/storageaccounts/.env.template
new file mode 100644
index 000000000..663db0d34
--- /dev/null
+++ b/terraform/infrastructure/s941/dev/storageaccounts/.env.template
@@ -0,0 +1,20 @@
+## For local development: copy this file, rename it to `backend_config.env`, and populate accordingly
+
+resource_group_name="s941-tfstate"
+storage_account_name ="s941radixinfra"
+container_name="infrastructure"
+use_azuread_auth=true
+
+# tfstate name
+key="storageaccounts/terraform.tfstate" # dev.radixtfexample.terraform.tfstate
+
+# Configure the Microsoft Azure Provider
+
+# service principal client_id
+client_id="f1e6bc52-9aa4-4ca7-a9ac-b7a19d8f0f86" # ar-radix-platform-github-dev-cluster-maintenance
+
+# service principal client_secret
+client_secret="" # ar-radix-platform-github-dev-cluster-maintenance secret
+
+subscription_id="16ede44b-1f74-40a5-b428-46cca9a5741b" # S941-Omnia-Radix-Development
+tenant_id="3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
\ No newline at end of file
diff --git a/terraform/infrastructure/s941/dev/storageaccounts/main.tf b/terraform/infrastructure/s941/dev/storageaccounts/main.tf
index 51d2f3624..254d2b8e4 100644
--- a/terraform/infrastructure/s941/dev/storageaccounts/main.tf
+++ b/terraform/infrastructure/s941/dev/storageaccounts/main.tf
@@ -33,12 +33,12 @@ locals {
 }
 
 data "azurerm_key_vault" "keyvault_env" {
-  name                = "radix-vault-${var.RADIX_ZONE}"
+  name                = var.KV_RADIX_VAULT
   resource_group_name = var.AZ_RESOURCE_GROUP_COMMON
 }
 
 data "azurerm_key_vault_secret" "whitelist_ips" {
-  name         = "acr-whitelist-sa-${var.RADIX_ZONE}"
+  name         = "acr-whitelist-ips-${var.RADIX_ZONE}"
   key_vault_id = data.azurerm_key_vault.keyvault_env.id
 }
 
diff --git a/terraform/infrastructure/s941/dev/storageaccounts/variables.tf b/terraform/infrastructure/s941/dev/storageaccounts/variables.tf
index 8275e548a..65537f1fe 100644
--- a/terraform/infrastructure/s941/dev/storageaccounts/variables.tf
+++ b/terraform/infrastructure/s941/dev/storageaccounts/variables.tf
@@ -52,6 +52,14 @@ variable "storage_accounts" {
   default = {}
 }
 
+variable "resource_groups" {
+  type = map(object({
+    name     = string                          # Mandatory
+    location = optional(string, "northeurope") # Optional
+  }))
+  default = {}
+}
+
 variable "virtual_networks" {
   type = map(object({
     name    = optional(string, "vnet-hub")
@@ -68,10 +76,7 @@ variable "private_link" {
   default = null
 }
 
-variable "resource_groups" {
-  type = map(object({
-    name     = string                          # Mandatory
-    location = optional(string, "northeurope") # Optional
-  }))
-  default = {}
+variable "KV_RADIX_VAULT" {
+  description = "Radix keyvault"
+  type        = string
 }