diff --git a/README.md b/README.md
index 70396bf..a909a95 100644
--- a/README.md
+++ b/README.md
@@ -104,7 +104,7 @@ efs-csi-controller    0         5m
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 6.27.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 6.28.0 |
 | <a name="provider_null"></a> [null](#provider\_null) | 3.2.4 |
 | <a name="provider_terraform"></a> [terraform](#provider\_terraform) | n/a |
 
diff --git a/addons.tf b/addons.tf
new file mode 100644
index 0000000..9e8d98a
--- /dev/null
+++ b/addons.tf
@@ -0,0 +1,49 @@
+locals {
+  addons = {
+    amazon-cloudwatch-observability = {
+      most_recent              = true
+      service_account_role_arn = module.cloudwatch_observability_irsa_role.iam_role_arn
+    }
+    aws-ebs-csi-driver = {
+      most_recent              = true
+      service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn
+    }
+    aws-efs-csi-driver = {
+      most_recent              = true
+      service_account_role_arn = module.efs_csi_irsa_role.iam_role_arn
+    }
+    cert-manager = {
+      most_recent = true
+    }
+    coredns = {
+      most_recent = true
+    }
+    eks-node-monitoring-agent = {
+      most_recent = true
+    }
+    eks-pod-identity-agent = {
+      most_recent    = true
+      before_compute = true
+    }
+    kube-proxy = {
+      most_recent = true
+    }
+    kube-state-metrics = {
+      most_recent = true
+    }
+    metrics-server = {
+      most_recent = true
+    }
+    prometheus-node-exporter = {
+      most_recent = true
+    }
+    snapshot-controller = {
+      most_recent = true
+    }
+    vpc-cni = {
+      most_recent              = true
+      service_account_role_arn = module.vpc_cni_irsa_role.iam_role_arn
+      before_compute           = true
+    }
+  }
+}
diff --git a/main.tf b/main.tf
index 9c127fc..3362d0b 100644
--- a/main.tf
+++ b/main.tf
@@ -41,50 +41,7 @@ module "cluster" {
   vpc_id     = local.vpc_id
   subnet_ids = local.subnets
 
-  addons = {
-    amazon-cloudwatch-observability = {
-      most_recent              = true
-      service_account_role_arn = module.cloudwatch_observability_irsa_role.iam_role_arn
-    }
-    aws-ebs-csi-driver = {
-      most_recent              = true
-      service_account_role_arn = module.ebs_csi_irsa_role.iam_role_arn
-    }
-    aws-efs-csi-driver = {
-      most_recent              = true
-      service_account_role_arn = module.efs_csi_irsa_role.iam_role_arn
-    }
-    cert-manager = {
-      most_recent = true
-    }
-    coredns = {
-      most_recent = true
-    }
-    eks-node-monitoring-agent = {
-      most_recent = true
-    }
-    eks-pod-identity-agent = {
-      most_recent    = true
-      before_compute = true
-    }
-    kube-proxy = {
-      most_recent = true
-    }
-    # kube-state-metrics = {
-    #   most_recent = true
-    # }
-    metrics-server = {
-      most_recent = true
-    }
-    snapshot-controller = {
-      most_recent = true
-    }
-    vpc-cni = {
-      most_recent              = true
-      service_account_role_arn = module.vpc_cni_irsa_role.iam_role_arn
-      before_compute           = true
-    }
-  }
+  addons = local.addons
 
   node_security_group_enable_recommended_rules = true