diff --git a/cloudtrail-key/main.tf b/cloudtrail-key/main.tf
index f1f31f2..3e5c7c7 100644
--- a/cloudtrail-key/main.tf
+++ b/cloudtrail-key/main.tf
@@ -71,8 +71,10 @@ resource "aws_kms_key" "key" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("boc:aws:region", local.region),
-    map("Name", local.name),
+    {
+      "boc:aws:region" = local.region
+      Name             = local.name
+    },
   )
 }
 
diff --git a/cloudtrail/cloudtrail.tf b/cloudtrail/cloudtrail.tf
index 76e50f2..4fd39fd 100644
--- a/cloudtrail/cloudtrail.tf
+++ b/cloudtrail/cloudtrail.tf
@@ -15,7 +15,7 @@ resource "aws_cloudtrail" "this" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", local.name),
+    tomap({ Name = local.name }),
   )
   depends_on = [aws_s3_bucket_policy.policy]
 }
@@ -33,7 +33,7 @@ resource "aws_iam_role" "cloudtrail" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", local.role_name),
+    tomap({ Name = local.role_name }),
   )
 }
 
diff --git a/cloudtrail/cloudwatch.tf b/cloudtrail/cloudwatch.tf
index 355eed2..6d49cfc 100644
--- a/cloudtrail/cloudwatch.tf
+++ b/cloudtrail/cloudwatch.tf
@@ -15,7 +15,7 @@ resource "aws_cloudwatch_log_group" "this" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", local.name),
+    tomap({ Name = local.name }),
   )
 }
 
diff --git a/cloudtrail/sns.tf b/cloudtrail/sns.tf
index 6960207..5d01675 100644
--- a/cloudtrail/sns.tf
+++ b/cloudtrail/sns.tf
@@ -6,7 +6,7 @@ resource "aws_sns_topic" "cloudtrail" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", local.name),
+    tomap({ Name = local.name }),
   )
 }
 
diff --git a/cloudtrail/sqs.tf b/cloudtrail/sqs.tf
index 223ae33..a3f45c9 100644
--- a/cloudtrail/sqs.tf
+++ b/cloudtrail/sqs.tf
@@ -15,7 +15,7 @@ resource "aws_sqs_queue" "cloudtrail_deadletter" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", format("%v-deadletter", local.name)),
+    tomap({ Name = format("%v-deadletter", local.name) }),
   )
 }
 
@@ -66,7 +66,7 @@ resource "aws_sqs_queue" "cloudtrail" {
   tags = merge(
     local.base_tags,
     var.tags,
-    map("Name", local.name),
+    tomap({ Name = local.name }),
   )
 }
 
diff --git a/cloudtrail_orig/kms.tf b/cloudtrail_orig/kms.tf
index 63f49fa..8178b0f 100644
--- a/cloudtrail_orig/kms.tf
+++ b/cloudtrail_orig/kms.tf
@@ -8,8 +8,10 @@ resource "aws_kms_key" "key" {
 
   tags = merge(
     local.common_tags,
-    map("boc:aws:region", local.region),
-    map("Name", var.kms_key),
+    {
+      "boc:aws:region" = local.region
+      Name             = var.kms_key
+    },
   )
   lifecycle {
     ignore_changes = [tags["boc:tf_module_version"]]
diff --git a/cloudtrail_orig/s3.tf b/cloudtrail_orig/s3.tf
index 287b161..64061b3 100644
--- a/cloudtrail_orig/s3.tf
+++ b/cloudtrail_orig/s3.tf
@@ -35,7 +35,7 @@ resource "aws_s3_bucket" "cloudtrail" {
     var.tags,
     local.base_tags,
     lookup(var.component_tags, "s3", {}),
-    map("Name", local.bucket_name),
+    tomap({ Name = local.bucket_name }),
   )
 
   provisioner "local-exec" {
diff --git a/config/s3.tf b/config/s3.tf
index b2d9a35..0b8ea57 100644
--- a/config/s3.tf
+++ b/config/s3.tf
@@ -30,7 +30,7 @@ resource "aws_s3_bucket" "config" {
     var.tags,
     local.base_tags,
     lookup(var.component_tags, "s3", {}),
-    map("Name", local.bucket_name),
+    tomap({ Name = local.bucket_name }),
   )
 
   provisioner "local-exec" {
diff --git a/iam-general-policies/README.md b/iam-general-policies/README.md
index b26ef1c..4b64016 100644
--- a/iam-general-policies/README.md
+++ b/iam-general-policies/README.md
@@ -64,8 +64,7 @@ This provides some custom policies that are to be applied to some accounts and g
    "create_policy"
    "policy_arn"
  }
-
-```
+ ```
 * manage-access-keys
   Allows for self-managing access keys (for rotating)
 * manage-credentials
@@ -84,8 +83,7 @@ These are policy documents, used liberally, as needed by applications (typically
    "policy"       
    "create_policy"
  }
-
-```
+ ```
 * ec2\_assume
 * sts\_assume
 * root\_assume
diff --git a/iam-general-policies/main.tf b/iam-general-policies/main.tf
index c810960..942cfc3 100644
--- a/iam-general-policies/main.tf
+++ b/iam-general-policies/main.tf
@@ -155,7 +155,7 @@ resource "aws_iam_policy" "general" {
     var.tags,
     local.base_tags,
     lookup(var.component_tags, "policy", {}),
-    map("Name", format("%vinf-%v", lookup(local._prefixes, "policy", ""), each.value["name"]))
+    tomap({ Name = format("%vinf-%v", lookup(local._prefixes, "policy", ""), each.value["name"]) }),
   )
 
   lifecycle {
diff --git a/s3-access-logs/main.tf b/s3-access-logs/main.tf
index 5aa142d..fcdc35f 100644
--- a/s3-access-logs/main.tf
+++ b/s3-access-logs/main.tf
@@ -92,7 +92,7 @@ resource "aws_s3_bucket" "logs" {
     var.tags,
     local.base_tags,
     lookup(var.component_tags, "s3", {}),
-    map("Name", local.bucket_name),
+    tomap({ Name = local.bucket_name }),
   )
 
   provisioner "local-exec" {
diff --git a/s3-config/main.tf b/s3-config/main.tf
index 166be88..3ed80b6 100644
--- a/s3-config/main.tf
+++ b/s3-config/main.tf
@@ -62,7 +62,7 @@ resource "aws_s3_bucket" "config" {
     var.tags,
     local.base_tags,
     lookup(var.component_tags, "s3", {}),
-    map("Name", local.bucket_name),
+    tomap({ Name = local.bucket_name }),
   )
 
   provisioner "local-exec" {
diff --git a/s3-flow-logs/main.tf b/s3-flow-logs/main.tf
index fc8cfc8..8d8eb4b 100644
--- a/s3-flow-logs/main.tf
+++ b/s3-flow-logs/main.tf
@@ -89,7 +89,7 @@ resource "aws_s3_bucket" "flowlogs" {
     var.tags,
     local.base_tags,
     lookup(var.component_tags, "s3", {}),
-    map("Name", local.bucket_name),
+    tomap({ Name = local.bucket_name }),
   )
 
   provisioner "local-exec" {
diff --git a/vpc-remove-defaults/main.tf b/vpc-remove-defaults/main.tf
index 7b912a4..1369863 100644
--- a/vpc-remove-defaults/main.tf
+++ b/vpc-remove-defaults/main.tf
@@ -105,7 +105,7 @@ data "aws_availability_zones" "zones" {
 resource "aws_default_vpc" "default" {
   tags = merge(
     local.base_tags,
-    map("Name", format("default-vpc-%s", local.vpc_title))
+    tomap({ Name = format("default-vpc-%s", local.vpc_title) }),
   )
   lifecycle {
     ignore_changes = [tags["boc:tf_module_version"]]
@@ -118,7 +118,7 @@ resource "aws_default_vpc" "default" {
 resource "aws_default_vpc_dhcp_options" "default" {
   tags = merge(
     local.base_tags,
-    map("Name", format("default-dhcpopt-%s", local.vpc_title))
+    tomap({ Name = format("default-dhcpopt-%s", local.vpc_title) }),
   )
   lifecycle {
     ignore_changes = [tags["boc:tf_module_version"]]
@@ -133,7 +133,7 @@ resource "aws_default_security_group" "default" {
 
   tags = merge(
     local.base_tags,
-    map("Name", format("default-sg-%s", local.vpc_title))
+    tomap({ Name = format("default-sg-%s", local.vpc_title) }),
   )
 
   lifecycle {
@@ -150,7 +150,7 @@ resource "aws_default_subnet" "default" {
 
   tags = merge(
     local.base_tags,
-    map("Name", format("default-subnet-%s-%s", local.vpc_title, each.key))
+    tomap({ Name = format("default-subnet-%s-%s", local.vpc_title, each.key) }),
   )
 
   lifecycle {
@@ -167,7 +167,7 @@ resource "aws_default_network_acl" "default" {
 
   tags = merge(
     local.base_tags,
-    map("Name", format("default-nacl-%s", local.vpc_title))
+    tomap({ Name = format("default-nacl-%s", local.vpc_title) }),
   )
 
   lifecycle {
@@ -184,7 +184,7 @@ resource "aws_default_route_table" "default" {
 
   tags = merge(
     local.base_tags,
-    map("Name", format("default-rt-%s", local.vpc_title))
+    tomap({ Name = format("default-rt-%s", local.vpc_title) }),
   )
 
   lifecycle {