diff --git a/.github/workflows/cf-test.yml b/.github/workflows/cf-test.yml
new file mode 100644
index 00000000..ad7de77f
--- /dev/null
+++ b/.github/workflows/cf-test.yml
@@ -0,0 +1,58 @@
+name: "CF template tests"
+on: [workflow_dispatch, pull_request]
+
+jobs:
+ ValidateLinting:
+ name: "Cloud Formation template linting verification"
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Setup Cloud Formation Linter with Latest Version
+ uses: scottbrenner/cfn-lint-action@v2
+
+ - name: Print the Cloud Formation Linter Version & run Linter.
+ run: |
+ cfn-lint aws-observability/**/*.yaml --ignore-templates aws-observability/**/*TestTemplate.yaml
+
+ CFSecurityChecksCheckovt:
+ name: "Cloud Formation template tests using checkov"
+ runs-on: "ubuntu-latest"
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@v3
+
+ - uses: bridgecrewio/checkov-action@master
+ with:
+ directory: aws-observability/
+ quiet: false
+ framework: cloudformation
+ output_format: cli
+ output_bc_ids: true
+
+ CFSecurityChecksCFNNAG:
+ name: "cfn-nag for Cloud Formation template"
+ runs-on: "ubuntu-latest"
+ steps:
+ - uses: stelligent/cfn_nag@master
+ with:
+ input_path: aws-observability/**/*.yaml
+
+
+ ValidatePython:
+ name: "Validate Python test"
+ runs-on: "ubuntu-latest"
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@v3
+
+ - run: |
+ unzip aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.17.zip -d SumoLogicAWSObservabilityHelperv2.0.17
+ - uses: bridgecrewio/checkov-action@master
+ with:
+ directory: aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.17/
+ quiet: false
+ framework: python
+ output_format: cli
+ output_bc_ids: true
\ No newline at end of file
diff --git a/aws-observability/apps/elb/elb_app.template.yaml b/aws-observability/apps/elb/elb_app.template.yaml
index 65a8245c..516ab6e9 100755
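Review bot: Two of the jobs in the new workflow look like they can finish without scanning the files they are meant to cover. `CFSecurityChecksCFNNAG` runs `stelligent/cfn_nag@master` with no `actions/checkout` step before it, so `input_path` is resolved against a workspace the repository was never checked out into. In `ValidatePython` the archive is extracted with `-d SumoLogicAWSObservabilityHelperv2.0.17`, which is relative to the repository root, while checkov is pointed at `aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.17/`. Unless that directory is already committed, the unzip target should be `-d aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.17`. Separately, `bridgecrewio/checkov-action@master` and `stelligent/cfn_nag@master` are mutable refs executed on every pull request; pinning them to a full commit SHA and adding a top-level `permissions:` block with `contents: read` would limit what a changed upstream action can do.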
--- a/aws-observability/apps/elb/elb_app.template.yaml
+++ b/aws-observability/apps/elb/elb_app.template.yaml
@@ -345,6 +345,20 @@ Resources:
 region: !Ref "AWS::Region"
 accountid: !Ref "AWS::AccountId"
 
+ SumoELBMetricsUpdateSource:
+ Type: Custom::SumoLogicUpdateFields
+ Condition: update_elb_metrics_source
+ Properties:
+ ServiceToken: !Ref Section6aParentStackLambdaARN
+ Region: !Ref "AWS::Region"
+ RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack
+ SourceApiUrl: !Ref Section4aCloudWatchExistingSourceAPIUrl
+ SumoAccessID: !Ref Section1bSumoAccessID
+ SumoAccessKey: !Ref Section1cSumoAccessKey
+ SumoDeployment: !Ref Section1aSumoDeployment
+ Fields:
+ account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS
+
 ElbLogsFieldExtractionRule:
 Type: Custom::SumoLogicFieldExtractionRule
 Condition: create_fer
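Review bot: `SumoAccessKey: !Ref Section1cSumoAccessKey` passes the Sumo Logic access key to the custom resource as an ordinary resource property, so it is delivered in the request event to the function behind `Section6aParentStackLambdaARN`. The parameter declaration and the handler are outside this hunk; confirm the parameter is declared with `NoEcho: true` and that the handler does not log the incoming `ResourceProperties`, otherwise the key lands in CloudWatch Logs. `update_elb_metrics_source` and `AccountAliasValue` are also defined outside the hunk, so check that `AccountAliasValue` is created whenever `update_elb_metrics_source` is true, because `!GetAtt` on a resource whose own condition is false is rejected at deploy time.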