diff --git a/s3-config-org/kms.tf b/s3-config-org/kms.tf
index 3ebbbbb..74c27fc 100644
--- a/s3-config-org/kms.tf
+++ b/s3-config-org/kms.tf
@@ -1,6 +1,6 @@
 locals {
 kms_key_name = format("%v%v", local._prefixes["kms"], local.key_name)
- kms_admin_root = format("arn:%v:iam::%v:root", local.partition, local.account_id)
+ kms_admin_root = format("arn:%v:iam::%v:root", data.aws_arn.current.partition, local.account_id)
 kms_admin_roles = var.kms_admin_roles
 kms_policy_document = var.kms_policy_document != null ? var.kms_policy_document : data.aws_iam_policy_document.empty.json
 }
diff --git a/s3-config-org/main.tf b/s3-config-org/main.tf
index e840449..2c7ef12 100644
--- a/s3-config-org/main.tf
+++ b/s3-config-org/main.tf
@@ -22,12 +22,12 @@ locals {
 account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id
- logs_region = data.aws_region.current.name
+ region = data.aws_region.current.name
 account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew"
 organization_id = data.aws_organizations_organization.org.id
 bucket_name = var.bucket_name != "" ? var.bucket_name : format("%v-%v-%v", var.bucket_name_prefix, local.account_id, local.region)
- key_name = compact(var.key_name, var.bucket_name, var.bucket_name_prefix)[0]
+ key_name = compact([var.key_name, var.bucket_name, var.bucket_name_prefix])[0]
 base_tags = {
 "Organization" = "census:aditcio:csvd"
@@ -48,7 +48,7 @@ resource "aws_s3_bucket" "config_org" {
 tags = merge(
 local.base_tags,
 var.tags,
- { "Name" = local.name },
+ { "Name" = local.bucket_name },
 )
 }
@@ -56,7 +56,7 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "config_org" {
 bucket = aws_s3_bucket.config_org.id
 rule {
 apply_server_side_encryption_by_default {
- kms_master_key_id = var.kms_key_arn
+ kms_master_key_id = aws_kms_key.key.arn
 sse_algorithm = "aws:kms"
 }
 bucket_key_enabled = true
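Review bot: The partition is now read straight from `data.aws_arn.current.partition` in kms.tf while main.tf reads the same data source for `account_environment` and defines `region` as a local in the same locals block; for consistency I would define `partition = data.aws_arn.current.partition` next to `region` in main.tf and keep this line as `kms_admin_root = format("arn:%v:iam::%v:root", local.partition, local.account_id)`, so the only change needed here was adding the missing local. This matters a little for review of the key policy: `kms_admin_root` is the account root principal, and having the partition resolved in one place makes it easier to audit that the GovCloud (`aws-us-gov`) case yields the intended ARN. The key policy that consumes `kms_admin_root` and the fallback `data.aws_iam_policy_document.empty` are outside the hunk, so I cannot confirm what the root principal is actually granted.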
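Review bot: `compact([var.key_name, var.bucket_name, var.bucket_name_prefix])[0]` has no fallback: if all three inputs are empty strings the list is empty and the `[0]` fails with an invalid-index error at plan time rather than a message naming the variable. Since `local.bucket_name` in the same block is never empty (either `var.bucket_name` or the formatted name), a clearer fallback is `key_name = try(compact([var.key_name, var.bucket_name, var.bucket_name_prefix])[0], local.bucket_name)`, or a `validation` block on `var.key_name`/`var.bucket_name_prefix` requiring at least one to be set. Note also that with `var.bucket_name == ""` and an empty `var.bucket_name_prefix` the formatted `bucket_name` starts with `-`, which S3 rejects; the same validation would cover that. The locals block starts before this hunk and the hunk header's line count suggests lines after `"Organization"` were not captured here.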
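Review bot: Pointing `kms_master_key_id` at `aws_kms_key.key.arn` means AWS Config delivery now depends on the module-managed key policy granting `config.amazonaws.com` the `kms:GenerateDataKey` (and `kms:Decrypt` for reads) it needs on an SSE-KMS bucket; the key's policy is built from `local.kms_policy_document` in kms.tf, which falls back to an empty document when `var.kms_policy_document` is null, so please confirm the service principal statement is present or delivery will fail silently on the Config side. Separately, `var.kms_key_arn` is no longer referenced by this resource; if it remains declared in variables.tf it becomes a misleading input that callers will assume controls bucket encryption, so either remove it or honour it explicitly, e.g. `kms_master_key_id = coalesce(var.kms_key_arn, aws_kms_key.key.arn)` with the key creation made conditional. I would also add a comment above the rule such as `# SSE-KMS with the module key; the Config service principal must be allowed in the key policy` so the coupling is visible to the next maintainer. The resource block closes after the hunk.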
@@ -67,11 +67,11 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "config_org" {
 resource "aws_s3_bucket_logging" "config_org" {
 bucket = aws_s3_bucket.config_org.id
 target_bucket = var.access_log_bucket
- target_prefix = format("%s/%s/", var.access_log_bucket_prefix, local.bucket_name)
+ target_prefix = format("%v/%v/", var.access_log_bucket_prefix, local.bucket_name)
 }
 resource "aws_s3_bucket_acl" "config_org" {
- count = 0
+ # count = 0
 bucket = aws_s3_bucket.config_org.id
 acl = "private"
 }
@@ -139,7 +139,7 @@ data "aws_iam_policy_document" "bucket_policy" {
 condition {
 test = "StringEquals"
 variable = "aws:PrincipalOrgId"
- values = [data.organization_id]
+ values = [local.organization_id]
 }
 }
 statement {
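Review bot: Replacing `count = 0` with `# count = 0` re-enables `aws_s3_bucket_acl.config_org`, and on a bucket whose object ownership is BucketOwnerEnforced (the default for newly created buckets) the `PutBucketAcl` call is rejected with AccessControlListNotSupported even for `acl = "private"`; I cannot see an `aws_s3_bucket_ownership_controls` resource in this diff, so this is likely to fail on apply. The safer choice for an org-wide Config bucket is to leave ACLs disabled and rely on the bucket policy (ACLs are the legacy access model), i.e. delete the resource or keep `count = 0` with a comment like `# ACLs intentionally disabled: ownership is BucketOwnerEnforced, access is governed by the bucket policy`; if the ACL is genuinely required, add ownership controls with `BucketOwnerPreferred` and a `depends_on` from this resource. Either way a commented-out `count = 0` is a dead line and should not stay in the file. On the logging resource, `format("%v/%v/", ...)` produces a prefix starting with `/` when `var.access_log_bucket_prefix` is empty, which is worth a `trimprefix` or a validation on that variable.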
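Review bot: The corrected `aws:PrincipalOrgId` condition only evaluates true for IAM principals that belong to an organisation account; the key is absent on requests made by service principals such as `config.amazonaws.com`, so this statement cannot be the one that authorises Config delivery, and any statement for the service principal needs its own conditions (`aws:SourceAccount`/`aws:SourceOrgID` or `AWS:SourceArn`) to prevent the confused-deputy case. The statement's effect, principals and actions are outside the hunk, so I cannot tell whether it is a broad Allow scoped only by org membership; if it is, every account in the org gets those actions on the bucket, which is wider than a Config delivery bucket usually needs. A comment on the condition such as `# restrict to IAM principals within this organisation; service-principal access is granted in a separate statement` would make the intent explicit.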