diff --git a/actions_secrets.tf b/actions_secrets.tf
new file mode 100644
index 0000000..2c43dce
--- /dev/null
+++ b/actions_secrets.tf
@@ -0,0 +1,14 @@
+locals {
+ secrets = [
+ "AWS_SECRET_ACCESS_KEY",
+ "AWS_SESSION_TOKEN",
+ "AWS_ACCESS_KEY_ID",
+ "GITHUB_TOKEN"
+ ]
+}
+
+module "env_var" {
+ source = "HappyPathway/var/env"
+ for_each = toset(local.secrets)
+ env_var = each.value
+}
diff --git a/image-pipeline.tf b/image-pipeline.tf
index e978deb..f19cd98 100644
--- a/image-pipeline.tf
+++ b/image-pipeline.tf
@@ -132,7 +132,7 @@ module "terraform_aws_image_pipeline" {
 content = templatefile(
 "${path.module}/workflows/terraform-plan.yaml.tpl",
 {
- repo_name = "aws-image-pipeline",
+ repo_name = "terraform-aws-image-pipeline",
 directory = "./examples"
 git_owner = {
 name = "arnol377"
diff --git a/main.tf b/main.tf
index 6c72d56..3f8fa6a 100644
--- a/main.tf
+++ b/main.tf
@@ -206,3 +206,5 @@ module "ghe_runners" {
 collaborators = local.collaborators
 }
+
+
diff --git a/sandbox.tf b/sandbox.tf
new file mode 100644
index 0000000..081143c
--- /dev/null
+++ b/sandbox.tf
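Review bot: The `env_var` module in actions_secrets.tf is sourced from the public registry (`HappyPathway/var/env`) with no `version` constraint, and it is the component that handles `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN` and `GITHUB_TOKEN`, so whichever release is latest at the next `terraform init -upgrade` gets to read those credentials. Pin it with `version = "<PINNED_VERSION>"` and review the module source at that version. Whether the module marks its `value` output as sensitive is not visible here; if it does not, the values can appear in plan output and should be wrapped accordingly by the caller. A short comment above `local.secrets` stating that these names are resolved from the environment of the machine running Terraform (which the module name suggests) would make the data flow clear to the next reader.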
@@ -0,0 +1,61 @@
+
+locals {
+ workspace_instances = [
+ "arnol377-sandbox"
+ ]
+}
+
+module "ghe_runners" {
+ source = "git@github.e.it.census.gov:CSVD/terraform-github-repo"
+ for_each = toset(local.workspace_instances)
+ github_repo_description = "Sandbox - ${each.value}"
+ repo_org = "arnol377"
+ name = each.value
+ github_repo_topics = [
+ "terraform"
+ ]
+ force_name = true
+ github_is_private = false
+ create_codeowners = false
+ enforce_prs = false
+ collaborators = local.collaborators
+ managed_extra_files = [
+ {
+ path = ".github/workflows/terraform-plan.yaml"
+ content = templatefile(
+ "${path.module}/workflows/terraform-plan.yaml.tpl",
+ {
+ repo_name = each.value,
+ directory = null
+ git_owner = {
+ name = "arnol377"
+ email = "david.j.arnold.jr@census.gov"
+ }
+ }
+ )
+ },
+ {
+ path = ".github/workflows/terraform-apply.yaml"
+ content = templatefile(
+ "${path.module}/workflows/terraform-apply.yaml.tpl",
+ {
+ repo_name = each.value,
+ directory = null
+ }
+ )
+ }
+ ]
+ secrets = [
+ for secret in [for secret in local.secrets : secret if secret != "AWS_ACCESS_KEY_ID"] :
+ {
+ name = replace(secret, "GITHUB", "GH")
+ value = lookup(module.env_var, secret).value
+ }
+ ]
+ vars = [
+ {
+ name = "AWS_ACCESS_KEY_ID"
+ value = lookup(module.env_var, "AWS_ACCESS_KEY_ID").value
+ }
+ ]
+}
\ No newline at end of file
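Review bot: In sandbox.tf the repository is created with `github_is_private = false`, `enforce_prs = false` and `create_codeowners = false`, while the same block stores `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN` and `GH_TOKEN` as Actions secrets next to a terraform-apply workflow. Workflow changes would then apparently need no review before they run with those credentials, and run logs, including the unmasked `AWS_ACCESS_KEY_ID` variable, would be publicly readable. For any repository that receives secrets I would set `github_is_private = true` and `enforce_prs = true`, or replace the static keys with a role assumed through GitHub's OIDC federation. The values come from `module.env_var`, so they are presumably copied from the operator's environment into state, and a session token stored this way will expire in the repository without any rotation path. Separately, the label `module "ghe_runners"` already exists in main.tf (it appears in that file's hunk header), which Terraform rejects as a duplicate module call; a distinct label such as `module "sandbox_repos" {` avoids that.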