diff --git a/terraform/envs/prod/.terraform.lock.hcl b/terraform/envs/prod/.terraform.lock.hcl
index 55b30cd5..c9dfb942 100644
--- a/terraform/envs/prod/.terraform.lock.hcl
+++ b/terraform/envs/prod/.terraform.lock.hcl
@@ -25,29 +25,29 @@ provider "registry.terraform.io/hashicorp/archive" { } provider "registry.terraform.io/hashicorp/aws" { - version = "5.100.0" - constraints = "~> 5.92" + version = "6.6.0" + constraints = "~> 6.6.0" hashes = [ - "h1:H3mU/7URhP0uCRGK8jeQRKxx2XFzEqLiOq/L2Bbiaxs=", - "h1:Ijt7pOlB7Tr7maGQIqtsLFbl7pSMIj06TVdkoSBcYOw=", - "h1:edXOJWE4ORX8Fm+dpVpICzMZJat4AX0VRCAy/xkcOc0=", - "h1:hd45qFU5cFuJMpFGdUniU9mVIr5LYVWP1uMeunBpYYs=", - "h1:wOhTPz6apLBuF7/FYZuCoXRK/MLgrNprZ3vXmq83g5k=", - "zh:054b8dd49f0549c9a7cc27d159e45327b7b65cf404da5e5a20da154b90b8a644", - "zh:0b97bf8d5e03d15d83cc40b0530a1f84b459354939ba6f135a0086c20ebbe6b2", - "zh:1589a2266af699cbd5d80737a0fe02e54ec9cf2ca54e7e00ac51c7359056f274", - "zh:6330766f1d85f01ae6ea90d1b214b8b74cc8c1badc4696b165b36ddd4cc15f7b", - "zh:7c8c2e30d8e55291b86fcb64bdf6c25489d538688545eb48fd74ad622e5d3862", - "zh:99b1003bd9bd32ee323544da897148f46a527f622dc3971af63ea3e251596342", + "h1:FXkLuVKvc8ZiU5wSBYTCogJtnrprbSTpXjYPTYrnek8=", + "h1:HbkYySBwJyItrJB7oRiRz+0ZhCx3AO6dv2jiWxGEh8M=", + "h1:I8D/aORzHtnXLB9kLRxNfjJKKIDBQvTyMkntNeZoaw8=", + "h1:TwG7YlnfSKTZzwZsJmoTtEEalXYksn0AlGzuJifONtY=", + "h1:wnZaKRg1V3sTIZHqjAtd6yfCBaGKpt0JTcQEDBfMxXs=", + "zh:04a29ab348b367ff65bda325177aae682f3ff99c4cb52285976f0569fe6dfed0", + "zh:1b9c5b248aff286be093c6e30d14a75d6c494df7e45ad47d2aa710114583cde5", + "zh:3701ff5ba4b202ee4645f617f806d0c3888af49db7173fbe8fac0b8cada21194", + "zh:3ae9c5903f4175b869b42508784e44ad180fff4a5ff6635da448ca344cbb0d07", + "zh:3b28f56f2928b8560880de38d61f3e23b343278b80424abcd7af8423765e0b45", + "zh:56a8060f596ed0171f5ed120443a0ea9ece3f7267d42918656ee2c2b925ac3bb", + "zh:5abae8ff4704a5ca62991e0945b19c8f36cfedbc45210b8774a3b1ca18b8cf7e", + "zh:5f93aa189a9743252f034331e691242ffe8b0e8364f14e1207ba8c698e0fd052", + "zh:6aea17e76db2f260e82d4f10f8bcafbc5a8236d481f163a650afc1b3b58daa78", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9f8b909d3ec50ade83c8062290378b1ec553edef6a447c56dadc01a99f4eaa93", 
- "zh:aaef921ff9aabaf8b1869a86d692ebd24fbd4e12c21205034bb679b9caf883a2", - "zh:ac882313207aba00dd5a76dbd572a0ddc818bb9cbf5c9d61b28fe30efaec951e", - "zh:bb64e8aff37becab373a1a0cc1080990785304141af42ed6aa3dd4913b000421", - "zh:dfe495f6621df5540d9c92ad40b8067376350b005c637ea6efac5dc15028add4", - "zh:f0ddf0eaf052766cfe09dea8200a946519f653c384ab4336e2a4a64fdd6310e9", - "zh:f1b7e684f4c7ae1eed272b6de7d2049bb87a0275cb04dbb7cda6636f600699c9", - "zh:ff461571e3f233699bf690db319dfe46aec75e58726636a0d97dd9ac6e32fb70", + "zh:b101beca22823f92868dc7e52b838fe2988a28789fe1ae81f23dcefce9a87a38", + "zh:d00dede172a4dd00902958404baadd3014eba7b8098e57a3031e7a861f5d26a2", + "zh:ecfbfdd970fe0e5414bd4538a15f2dbb34f28cbbb728476eae8d2d43de066a76", + "zh:f51431e0471b365a9fbcae264385201eb514a6e5b155df92dc77f7b4f867af81", + "zh:f5353b8cb77c6b8b475cf9a2e3e4e3fadbfff7a1bac04d7681aa4de939c2d409", ] }
diff --git a/terraform/envs/prod/main.tf b/terraform/envs/prod/main.tf
index a29963cd..451a06f5 100644
--- a/terraform/envs/prod/main.tf
+++ b/terraform/envs/prod/main.tf
@@ -2,7 +2,7 @@ terraform {
 required_providers {
 aws = {
 source = "hashicorp/aws"
- version = "~> 5.92"
+ version = "~> 6.6.0"
 }
 }
diff --git a/terraform/envs/qa/.terraform.lock.hcl b/terraform/envs/qa/.terraform.lock.hcl
index 55b30cd5..c9dfb942 100644
--- a/terraform/envs/qa/.terraform.lock.hcl
+++ b/terraform/envs/qa/.terraform.lock.hcl
@@ -25,29 +25,29 @@ provider "registry.terraform.io/hashicorp/archive" { } provider "registry.terraform.io/hashicorp/aws" { - version = "5.100.0" - constraints = "~> 5.92" + version = "6.6.0" + constraints = "~> 6.6.0" hashes = [ - "h1:H3mU/7URhP0uCRGK8jeQRKxx2XFzEqLiOq/L2Bbiaxs=", - "h1:Ijt7pOlB7Tr7maGQIqtsLFbl7pSMIj06TVdkoSBcYOw=", - "h1:edXOJWE4ORX8Fm+dpVpICzMZJat4AX0VRCAy/xkcOc0=", - "h1:hd45qFU5cFuJMpFGdUniU9mVIr5LYVWP1uMeunBpYYs=", - "h1:wOhTPz6apLBuF7/FYZuCoXRK/MLgrNprZ3vXmq83g5k=", - "zh:054b8dd49f0549c9a7cc27d159e45327b7b65cf404da5e5a20da154b90b8a644", - "zh:0b97bf8d5e03d15d83cc40b0530a1f84b459354939ba6f135a0086c20ebbe6b2", - "zh:1589a2266af699cbd5d80737a0fe02e54ec9cf2ca54e7e00ac51c7359056f274", - "zh:6330766f1d85f01ae6ea90d1b214b8b74cc8c1badc4696b165b36ddd4cc15f7b", - "zh:7c8c2e30d8e55291b86fcb64bdf6c25489d538688545eb48fd74ad622e5d3862", - "zh:99b1003bd9bd32ee323544da897148f46a527f622dc3971af63ea3e251596342", + "h1:FXkLuVKvc8ZiU5wSBYTCogJtnrprbSTpXjYPTYrnek8=", + "h1:HbkYySBwJyItrJB7oRiRz+0ZhCx3AO6dv2jiWxGEh8M=", + "h1:I8D/aORzHtnXLB9kLRxNfjJKKIDBQvTyMkntNeZoaw8=", + "h1:TwG7YlnfSKTZzwZsJmoTtEEalXYksn0AlGzuJifONtY=", + "h1:wnZaKRg1V3sTIZHqjAtd6yfCBaGKpt0JTcQEDBfMxXs=", + "zh:04a29ab348b367ff65bda325177aae682f3ff99c4cb52285976f0569fe6dfed0", + "zh:1b9c5b248aff286be093c6e30d14a75d6c494df7e45ad47d2aa710114583cde5", + "zh:3701ff5ba4b202ee4645f617f806d0c3888af49db7173fbe8fac0b8cada21194", + "zh:3ae9c5903f4175b869b42508784e44ad180fff4a5ff6635da448ca344cbb0d07", + "zh:3b28f56f2928b8560880de38d61f3e23b343278b80424abcd7af8423765e0b45", + "zh:56a8060f596ed0171f5ed120443a0ea9ece3f7267d42918656ee2c2b925ac3bb", + "zh:5abae8ff4704a5ca62991e0945b19c8f36cfedbc45210b8774a3b1ca18b8cf7e", + "zh:5f93aa189a9743252f034331e691242ffe8b0e8364f14e1207ba8c698e0fd052", + "zh:6aea17e76db2f260e82d4f10f8bcafbc5a8236d481f163a650afc1b3b58daa78", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9f8b909d3ec50ade83c8062290378b1ec553edef6a447c56dadc01a99f4eaa93", 
- "zh:aaef921ff9aabaf8b1869a86d692ebd24fbd4e12c21205034bb679b9caf883a2", - "zh:ac882313207aba00dd5a76dbd572a0ddc818bb9cbf5c9d61b28fe30efaec951e", - "zh:bb64e8aff37becab373a1a0cc1080990785304141af42ed6aa3dd4913b000421", - "zh:dfe495f6621df5540d9c92ad40b8067376350b005c637ea6efac5dc15028add4", - "zh:f0ddf0eaf052766cfe09dea8200a946519f653c384ab4336e2a4a64fdd6310e9", - "zh:f1b7e684f4c7ae1eed272b6de7d2049bb87a0275cb04dbb7cda6636f600699c9", - "zh:ff461571e3f233699bf690db319dfe46aec75e58726636a0d97dd9ac6e32fb70", + "zh:b101beca22823f92868dc7e52b838fe2988a28789fe1ae81f23dcefce9a87a38", + "zh:d00dede172a4dd00902958404baadd3014eba7b8098e57a3031e7a861f5d26a2", + "zh:ecfbfdd970fe0e5414bd4538a15f2dbb34f28cbbb728476eae8d2d43de066a76", + "zh:f51431e0471b365a9fbcae264385201eb514a6e5b155df92dc77f7b4f867af81", + "zh:f5353b8cb77c6b8b475cf9a2e3e4e3fadbfff7a1bac04d7681aa4de939c2d409", ] }
diff --git a/terraform/envs/qa/main.tf b/terraform/envs/qa/main.tf
index 3886e8da..4cab8673 100644
--- a/terraform/envs/qa/main.tf
+++ b/terraform/envs/qa/main.tf
@@ -2,7 +2,7 @@ terraform {
 required_providers {
 aws = {
 source = "hashicorp/aws"
- version = "~> 5.92"
+ version = "~> 6.6.0"
 }
 }
diff --git a/terraform/modules/auditlog/main.tf b/terraform/modules/auditlog/main.tf
new file mode 100644
index 00000000..383fb53a
--- /dev/null
+++ b/terraform/modules/auditlog/main.tf
@@ -0,0 +1,289 @@
+locals {
+ kinesis_stream_name = "${var.ProjectId}-audit-log-delivery"
+}
+resource "aws_s3_bucket" "audit_log_storage" {
+ bucket = "${var.BucketPrefix}-${var.ProjectId}-audit-logs"
+}
+
+resource "aws_cloudwatch_log_group" "firehose_log_group" {
+ name = "/aws/kinesisfirehose/${local.kinesis_stream_name}-delivery"
+}
+
+resource "aws_cloudwatch_log_stream" "firehose_log_stream" {
+ name = "/aws/kinesisfirehose/${local.kinesis_stream_name}-stream"
+ log_group_name = aws_cloudwatch_log_group.firehose_log_group.name
+}
+
+resource "aws_kinesis_stream" "audit_log_stream" {
+ name = local.kinesis_stream_name
+ retention_period = 24
+
+ stream_mode_details {
+ stream_mode = "ON_DEMAND"
+ }
+}
+resource "aws_glue_catalog_database" "audit_log_database" {
+ name = "${var.ProjectId}-audit-log-database"
+}
+
+resource "aws_glue_catalog_table" "audit_log_table" {
+ name = "${var.ProjectId}-audit-logs"
+ database_name = aws_glue_catalog_database.audit_log_database.name
+
+ table_type = "EXTERNAL_TABLE"
+
+ parameters = {
+ "EXTERNAL" = "TRUE"
+ "projection.enabled" = "false"
+ "classification" = "json"
+ "compressionType" = "none"
+ "typeOfData" = "file"
+ }
+
+ storage_descriptor {
+ columns {
+ name = "module"
+ type = "string"
+ }
+ columns {
+ name = "createdAt"
+ type = "timestamp"
+ }
+ columns {
+ name = "actor"
+ type = "string"
+ }
+ columns {
+ name = "message"
+ type = "string"
+ }
+
+ columns {
+ name = "target"
+ type = "string"
+ }
+
+ location = "s3://${aws_s3_bucket.audit_log_storage.id}/"
+ input_format = "org.apache.hadoop.mapred.TextInputFormat"
+ output_format = "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat"
+
+ ser_de_info {
+ name = "JsonSerDe"
+ serialization_library = "org.openx.data.jsonserde.JsonSerDe"
+ parameters = {
+ "dots.in.keys" = "false"
+ "case.insensitive" = "false"
+ "mapping" = "true"
+ "serialization.format" = "1"
+ }
+ }
+ }
+}
+
+resource "aws_kinesis_firehose_delivery_stream" "audit_log_delivery_stream" {
+ name = "${local.kinesis_stream_name}-delivery"
+ destination = "extended_s3"
+
+ extended_s3_configuration {
+ role_arn = aws_iam_role.firehose.arn
+ bucket_arn = aws_s3_bucket.audit_log_storage.arn
+
+ data_format_conversion_configuration {
+ enabled = true
+
+ input_format_configuration {
+ deserializer {
+ open_x_json_ser_de {}
+ }
+ }
+
+ output_format_configuration {
+ serializer {
+ parquet_ser_de {}
+ }
+ }
+
+ schema_configuration {
+ role_arn = aws_iam_role.firehose.arn
+ database_name = aws_glue_catalog_database.audit_log_database.name
+ table_name = aws_glue_catalog_table.audit_log_table.name
+ }
+ }
+
+ cloudwatch_logging_options {
+ enabled = "true"
+ log_group_name = aws_cloudwatch_log_group.firehose_log_group.name
+ log_stream_name = aws_cloudwatch_log_stream.firehose_log_stream.name
+ }
+ }
+
+ kinesis_source_configuration {
+ kinesis_stream_arn = aws_kinesis_stream.audit_log_stream.arn
+ role_arn = aws_iam_role.firehose.arn
+ }
+}
+
+resource "aws_iam_role" "firehose" {
+ name = "${var.ProjectId}-firehose-assume-role"
+
+ assume_role_policy = <