diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..39d952a
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @playgroundtech/owners
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
index 71e2964..053fa62 100644
--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -16,7 +16,7 @@ jobs:
 - name: Update Repo
 run: brew update
 - name: Install Deps
- run: brew install pre-commit git-secrets tflint terraform-docs terraform || true
+ run: brew install pre-commit gitleaks tflint tfsec terraform-docs terraform || true
 - name: Terraform init
 run: terraform init
 - name: Check Pre Commit
diff --git a/.github/workflows/terratest.yaml b/.github/workflows/terratest.yaml
new file mode 100644
index 0000000..1892394
--- /dev/null
+++ b/.github/workflows/terratest.yaml
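Review bot: The `|| true` kept on the changed `brew install` line means a failed install of `gitleaks` or `tfsec` does not fail the "Install Deps" step, so the scanners this commit introduces can be absent without the job reporting it at that point. Whether the later "Check Pre Commit" step then fails or quietly skips a scan depends on how each hook treats a missing binary, which is not visible here. Dropping the suffix, `run: brew install pre-commit gitleaks tflint tfsec terraform-docs terraform`, makes a broken install fail where it happens. The step list continues outside the hunk.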
@@ -0,0 +1,52 @@
+jobs:
+ terratest:
+ name: terratest
+ runs-on: "ubuntu-latest"
+ defaults:
+ run:
+ working-directory: tests
+
+ steps:
+ # Checkout the repository to the GitHub Actions runner
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ # Install and set up LocalStack
+ - name: Start LocalStack
+ run: |
+ pip install localstack # install LocalStack cli
+ docker pull localstack/localstack # Make sure to pull the latest version of the image
+ localstack start -d # Start LocalStack in the background
+
+ echo "Waiting for LocalStack startup..." # Wait 30 seconds for the LocalStack container
+ localstack wait -t 30 # to become ready before timing out
+ echo "Startup complete"
+
+ # Install the latest version of Terraform CLI
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_wrapper: false
+
+ # Install and set up Golang
+ - name: Set Up Go
+ uses: actions/setup-go@v3
+ with:
+ go-version: 1.19.x
+
+ # Get all golang dependencies
+ - name: Get dependencies
+ run: go mod tidy
+
+ # Run terratest
+ - name: Run Terratest
+ run: go test -v -timeout 90m
+
+name: "terratest"
+
+on:
+ pull_request:
+ branches:
+ - master
+ paths-ignore:
+ - "**.md"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 9957b01..87d8dc4 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,10 +1,11 @@
 repos:
 - repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.76.0
+ rev: v1.77.1
 hooks:
 - id: terraform_fmt
 - id: terraform_validate
 - id: terraform_docs
+ - id: terraform_tfsec
 - id: terraform_tflint
 args:
 - '--args=--only=terraform_deprecated_interpolation'
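Review bot: The new terratest workflow declares no `permissions:` block, so the job runs with whatever default `GITHUB_TOKEN` scope the repository or organisation has; for a job that only checks out code and tests against LocalStack, a top-level `permissions:` with `contents: read` is enough. Everything it executes is also resolved by mutable reference: the three actions use major tags (`actions/checkout@v3`, `hashicorp/setup-terraform@v2`, `actions/setup-go@v3`), while `pip install localstack` and `docker pull localstack/localstack` take whatever is latest. Pinning the actions to commit SHAs and the LocalStack package and image to a fixed version would make runs reproducible and limit the effect of a moved or compromised upstream tag. `go mod tidy` can rewrite `go.mod` and `go.sum` during the run, whereas `go mod download` keeps CI on the committed dependency set.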
@@ -21,14 +22,11 @@ repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
 rev: v4.3.0
 hooks:
+ - id: check-yaml
+ - id: check-json
 - id: check-merge-conflict
 - id: end-of-file-fixer
- - repo: https://github.com/awslabs/git-secrets
- rev: b9e96b3212fa06aea65964ff0d5cda84ce935f38 #SHA for v1.3.0
+ - repo: https://github.com/zricethezav/gitleaks
+ rev: v8.16.0
 hooks:
- - id: git-secrets
- entry: git-secrets --scan
- files: .
- args:
- - '--register-aws'
- - '--untracked'
+ - id: gitleaks
diff --git a/examples/simple/.terraform.lock.hcl b/examples/simple/.terraform.lock.hcl
deleted file mode 100644
index ec05f85..0000000
--- a/examples/simple/.terraform.lock.hcl
+++ /dev/null
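Review bot: The `gitleaks` entry is pinned by tag (`rev: v8.16.0`), whereas the `git-secrets` entry it replaces was pinned to a commit SHA with the version in a trailing comment; keeping that convention, `rev: <commit-sha> # v8.16.0` with the real SHA filled in, stops a moved tag from changing which scanner code runs. The removed hook was also configured explicitly (`--scan`, `--register-aws`, `--untracked`), while the new one relies entirely on upstream defaults. As far as I know the upstream hook at this version inspects staged changes only, so it is worth confirming that the "Check Pre Commit" step in pr.yaml still scans the pull request's content rather than an empty index. If it does not, a separate gitleaks run over the checked-out tree in CI would restore the coverage.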
@@ -1,43 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.50.0" - hashes = [ - "h1:jYbnOsQkAQ2O2eiZU3B5LACcEz0eoqX4cZNEjzMar8Q=", - "zh:03a5795ea9ed3eb80e0d5e0c5234dc76455aa4437e5546399127939c24a60973", - "zh:24556a15eb4a69955857b3a52322f099e68031e6f9a3df2cfdb6f6351cc4885e", - "zh:2c2a18f3da3c06f9da5f2aca485d0b324c8510f2afb70fc1470bcb31485db061", - "zh:37f194e62f7b433b7235b6e4f6954dd9352554ad044007802d3fa9b80a7a7331", - "zh:4591157be7c8ec8160186a74789c44f214c7142f400e2c147b710e25abe15be0", - "zh:53e0f9ca106a9691c20535500cdcf9e4255993536e19ef2fc4c6353bfc7e2e5b", - "zh:54eb4c288adfafe866b3b1fcc0550ddd025f59843cfa6dd3310fed85c766b950", - "zh:56e887eba5bb6dd60eb2c72d09eba34232b59a0c83ac1f3693e4064ebd2af02f", - "zh:57858a160b5dc3c454697798d38e528662c9234f9ab1742f6c5b3bd0414e0578", - "zh:6ce0a31d9b1bf2dc069414c7aeae0a660aa60b58a59e97a1c575786b120a0104", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b70d22fa41bb30536fb1be5242701b19b0be8bb50ec6ba03bb5396be3cdac8c6", - "zh:ece8726967858c44a5ae458f7a8438e825128d356fbf1893d41ccb172bb263d9", - "zh:f0f2a8be772add8d0cdadf77fda7ed1c0dfbbeab9801a0d2d8820148653aa8f4", - "zh:fc93015058e9592810aa4b3e7834df1717ba8d6aec4679997d16c030c885d6fc", - ] -} - -provider "registry.terraform.io/hashicorp/tls" { - version = "4.0.4" - hashes = [ - "h1:GZcFizg5ZT2VrpwvxGBHQ/hO9r6g0vYdQqx3bFD3anY=", - "zh:23671ed83e1fcf79745534841e10291bbf34046b27d6e68a5d0aab77206f4a55", - "zh:45292421211ffd9e8e3eb3655677700e3c5047f71d8f7650d2ce30242335f848", - "zh:59fedb519f4433c0fdb1d58b27c210b27415fddd0cd73c5312530b4309c088be", - "zh:5a8eec2409a9ff7cd0758a9d818c74bcba92a240e6c5e54b99df68fff312bbd5", - "zh:5e6a4b39f3171f53292ab88058a59e64825f2b842760a4869e64dc1dc093d1fe", - "zh:810547d0bf9311d21c81cc306126d3547e7bd3f194fc295836acf164b9f8424e", - 
"zh:824a5f3617624243bed0259d7dd37d76017097dc3193dac669be342b90b2ab48", - "zh:9361ccc7048be5dcbc2fafe2d8216939765b3160bd52734f7a9fd917a39ecbd8", - "zh:aa02ea625aaf672e649296bce7580f62d724268189fe9ad7c1b36bb0fa12fa60", - "zh:c71b4cd40d6ec7815dfeefd57d88bc592c0c42f5e5858dcc88245d371b4b8b1e", - "zh:dabcd52f36b43d250a3d71ad7abfa07b5622c69068d989e60b79b2bb4f220316", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -}
diff --git a/examples/simple/outputs.tf b/examples/simple/outputs.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/examples/go.mod b/tests/go.mod
similarity index 100%
rename from examples/go.mod
rename to tests/go.mod
diff --git a/examples/go.sum b/tests/go.sum
similarity index 100%
rename from examples/go.sum
rename to tests/go.sum
diff --git a/examples/module_test.go b/tests/module_test.go
similarity index 64%
rename from examples/module_test.go
rename to tests/module_test.go
index 05b0031..e8e51e1 100644
--- a/examples/module_test.go
+++ b/tests/module_test.go
@@ -5,17 +5,24 @@ package test
 import (
 "fmt"
+ "github.com/gruntwork-io/terratest/modules/aws"
 "github.com/gruntwork-io/terratest/modules/random"
 "github.com/gruntwork-io/terratest/modules/terraform"
 test_structure "github.com/gruntwork-io/terratest/modules/test-structure"
+ "github.com/stretchr/testify/assert"
 "testing"
 )
 func TestSimple(t *testing.T) {
- // Create a random unique ID for the VPC
+ // Create a random unique ID for the role name
 randomId := random.UniqueId()
- workingDir := "../examples/simple"
+ roleName := fmt.Sprintf("terratest-%v", randomId)
+ workingDir := "../tests/simple"
+ // Randomize the region
+ region := aws.GetRandomRegion(t, []string{"eu-north-1", "us-east-1"}, nil)
+
+ // Terraform destroy
 defer test_structure.RunTestStage(t, "destroy", func() {
 terraformOptions := test_structure.LoadTerraformOptions(t, workingDir)
 terraform.Destroy(t, terraformOptions)
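Review bot: `workingDir := "../tests/simple"` leaves the `tests` directory and re-enters it, so it resolves only while the parent directory keeps that name; now that the test file lives in `tests/`, `workingDir := "./simple"` expresses the same location without that dependency. The two added imports also extend a single block that mixes third-party packages with `fmt` and `testing`, where goimports grouping would put the standard library first and the `github.com/...` packages in a second group. TestSimple starts in this hunk and continues past its end.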
@@ -23,20 +30,28 @@ func TestSimple(t *testing.T) {
 test_structure.CleanupTestDataFolder(t, workingDir)
 })
+ // Terraform init and apply
 test_structure.RunTestStage(t, "init", func() {
 terraformOptions := &terraform.Options{
 TerraformDir: workingDir,
+ EnvVars: map[string]string{
+ "AWS_DEFAULT_REGION": region,
+ },
 Vars: map[string]interface{}{
- "role_name": fmt.Sprintf("terratest-%v", randomId),
+ "role_name": roleName,
 },
 }
 test_structure.SaveTerraformOptions(t, workingDir, terraformOptions)
 terraform.InitAndApply(t, terraformOptions)
 })
+ // Tun tests
 test_structure.RunTestStage(t, "tests", func() {
 terraformOptions := test_structure.LoadTerraformOptions(t, workingDir)
 terraform.ApplyAndIdempotent(t, terraformOptions)
+
+ outputRoleName := terraform.Output(t, terraformOptions, "role_name")
+ assert.Equal(t, roleName, outputRoleName, "role_name should be equal")
 })
 }
diff --git a/examples/simple/main.tf b/tests/simple/main.tf
similarity index 86%
rename from examples/simple/main.tf
rename to tests/simple/main.tf
index 2062505..1fe7f68 100644
--- a/examples/simple/main.tf
+++ b/tests/simple/main.tf
@@ -1,7 +1,3 @@
-provider "aws" {
- region = "eu-north-1"
-}
-
 data "aws_iam_policy" "view_only" {
 name = "ViewOnlyAccess"
 }
diff --git a/tests/simple/outputs.tf b/tests/simple/outputs.tf
new file mode 100644
index 0000000..083d7ed
--- /dev/null
+++ b/tests/simple/outputs.tf
@@ -0,0 +1,9 @@
+output "openid_connect_provider" {
+ description = "AWS OpenID Connected identity provider."
+ value = module.aws_github_actions_oidc.openid_connect_provider
+}
+
+output "role_name" {
+ description = "AWS Role created"
+ value = module.aws_github_actions_oidc.role.name
+}
diff --git a/tests/simple/provider.tf b/tests/simple/provider.tf
new file mode 100644
index 0000000..a6560e1
--- /dev/null
+++ b/tests/simple/provider.tf
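Review bot: The only assertion added in the "tests" stage is that the `role_name` output equals the generated name, which shows the role was created but says nothing about who may assume it; for a GitHub Actions OIDC role the trust policy is the security-relevant part. If the module exposes the role's assume-role policy (not visible in this diff), an assertion on its conditions would catch an over-broad trust relationship, and the `openid_connect_provider` output added in tests/simple/outputs.tf could at least be checked for being non-empty. The added comment `// Tun tests` should read `// Run tests`. TestSimple begins before this hunk.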
@@ -0,0 +1,11 @@
+provider "aws" {
+ access_key = "test"
+ secret_key = "test"
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
+
+ endpoints {
+ iam = "http://localhost:4566"
+ }
+}
diff --git a/examples/simple/variables.tf b/tests/simple/variables.tf
similarity index 100%
rename from examples/simple/variables.tf
rename to tests/simple/variables.tf
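Review bot: Only the `iam` endpoint is redirected to LocalStack in the `endpoints` block, so any other AWS API the module or provider calls would be sent to the real AWS endpoint with the dummy `test` credentials; adding `sts = "http://localhost:4566"`, and an entry for any other service the module touches, keeps the test fully local. A one-line comment above `access_key`, for example `# LocalStack dummy credentials, not real AWS keys`, would make it clear to reviewers and secret scanners that these literals are intentional. The block also sets no `region`, so the configuration depends on `AWS_DEFAULT_REGION` being supplied by the Go test.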