diff --git a/main.tf b/main.tf
index c3f623d..0ec596a 100644
--- a/main.tf
+++ b/main.tf
@@ -38,7 +38,8 @@ module load_balancer {
 ############
 
 module container_definition {
-  source = "./modules/fargate_container_definition"
+  source = "transcend-io/fargate-container/aws"
+  version = "1.5.1"
 
   name           = "${var.deploy_env}-${var.project_id}-container"
   image          = var.ecr_image
@@ -124,7 +125,8 @@ module container_definition {
 ###############
 
 module service {
-  source = "./modules/fargate_service"
+  source  = "transcend-io/fargate-service/aws"
+  version = "0.4.0"
 
   name                   = "${var.deploy_env}-${var.project_id}-sombra-service"
   desired_count          = var.desired_count
@@ -143,9 +145,10 @@ module service {
   )
 
   additional_task_policy_arns = concat([
-    module.container_definition.secrets_policy_arn,
-    aws_iam_policy.kms_policy.arn,
-  ], var.extra_task_policy_arns)
+    aws_iam_policy.kms_policy.arn],
+    module.container_definition.secrets_policy_arns,
+    var.extra_task_policy_arns
+  )
   additional_task_policy_arns_count = 2 + length(var.extra_task_policy_arns)
 
   load_balancers = [
diff --git a/modules/fargate_container_definition/main.tf b/modules/fargate_container_definition/main.tf
deleted file mode 100644
index 339a804..0000000
--- a/modules/fargate_container_definition/main.tf
+++ /dev/null
@@ -1,110 +0,0 @@
-resource "aws_ssm_parameter" "params" {
-  for_each = var.secret_environment
-
-  description = "Param for the ${each.key} env var in the container: ${var.name}"
-
-  name  = "${var.deploy_env}-${var.ssm_prefix}-${each.key}"
-  value = each.value
-
-  type = "SecureString"
-  tier = length(each.value) > 4096 ? "Advanced" : "Standard"
-
-  tags = var.tags
-}
-
-resource "aws_ssm_parameter" "secret_log_options" {
-  for_each = var.log_secrets
-
-  description = "Log option named ${each.key} in the container: ${var.name}"
-
-  name  = "${var.deploy_env}-logOptions-${var.ssm_prefix}-${each.key}"
-  value = each.value
-
-  type = "SecureString"
-  tier = length(each.value) > 4096 ? "Advanced" : "Standard"
-
-  tags = var.tags
-}
-
-data "aws_iam_policy_document" "secret_access_policy_doc" {
-  statement {
-    effect = "Allow"
-    actions = [
-      "ssm:GetParameters",
-      "secretsmanager:GetSecretValue",
-    ]
-    resources = [
-      for name, outputs in merge(
-        aws_ssm_parameter.params,
-        aws_ssm_parameter.secret_log_options,
-      ) :
-      outputs.arn
-    ]
-  }
-}
-
-resource "aws_iam_policy" "secret_access_policy" {
-  name_prefix = "${var.deploy_env}-${var.name}-secret-access-policy"
-  description = "Gives access to read ssm env vars"
-  policy      = data.aws_iam_policy_document.secret_access_policy_doc.json
-}
-
-module "definition" {
-  source  = "cloudposse/ecs-container-definition/aws"
-  version = "v0.21.0"
-
-  container_name  = var.name
-  container_image = var.image
-
-  container_cpu    = var.cpu
-  container_memory = var.memory
-
-  port_mappings = [
-    for port in var.containerPorts :
-    {
-      containerPort = port
-      hostPort      = port
-      protocol      = "tcp"
-    }
-  ]
-
-  log_configuration = var.use_cloudwatch_logs ? {
-    logDriver = "awslogs"
-    options = {
-      "awslogs-region"        = var.aws_region
-      "awslogs-group"         = aws_cloudwatch_log_group.log_group[0].name
-      "awslogs-stream-prefix" = "ecs--${var.name}"
-    }
-    secretOptions = []
-    } : merge(var.log_configuration, {
-      secretOptions = [
-        for name, outputs in aws_ssm_parameter.secret_log_options :
-        {
-          name      = name
-          valueFrom = outputs.arn
-        }
-      ]
-  })
-
-  environment = [
-    for name in sort(keys(var.environment)) :
-    {
-      name  = name
-      value = var.environment[name]
-    }
-  ]
-
-  secrets = [
-    for name, outputs in aws_ssm_parameter.params :
-    {
-      name      = name
-      valueFrom = outputs.arn
-    }
-  ]
-}
-
-resource "aws_cloudwatch_log_group" "log_group" {
-  count = var.use_cloudwatch_logs ? 1 : 0
-  name  = "${var.name}-log-group"
-  tags  = var.tags
-}
diff --git a/modules/fargate_container_definition/outputs.tf b/modules/fargate_container_definition/outputs.tf
deleted file mode 100644
index db64646..0000000
--- a/modules/fargate_container_definition/outputs.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-output json {
-  value = module.definition.json
-}
-
-output json_map {
-  value = module.definition.json_map
-}
-
-output secrets_policy_arn {
-  value = aws_iam_policy.secret_access_policy.arn
-}
-
-output container_name {
-  value = var.name
-}
-
-output container_ports {
-  value = var.containerPorts
-}
diff --git a/modules/fargate_container_definition/variables.tf b/modules/fargate_container_definition/variables.tf
deleted file mode 100644
index 42d958a..0000000
--- a/modules/fargate_container_definition/variables.tf
+++ /dev/null
@@ -1,130 +0,0 @@
-variable name {
-  type        = string
-  description = <<EOF
-  The name of a container. Up to 255 letters (uppercase and lowercase), numbers, hyphens,
-  and underscores are allowed. If you are linking multiple containers together in a task
-  definition, the name of one container can be entered in the links of another container
-  to connect the containers.
-  EOF
-}
-
-variable image {
-  type        = string
-  description = <<EOF
-  The image used to start a container. This string is passed directly to the Docker daemon.
-  Images in the Docker Hub registry are available by default. You can also specify other
-  repositories with either repository-url/image:tag or repository-url/image@digest. Up to 255
-  letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward
-  slashes, and number signs are allowed.
-  EOF
-}
-
-variable cpu {
-  type        = number
-  default     = 512
-  description = <<EOF
-  The number of cpu units the Amazon ECS container agent will reserve for the container.
-  EOF
-}
-
-variable memory {
-  type        = number
-  default     = 1024
-  description = <<EOF
-  The amount (in MiB) of memory to present to the container. If your container attempts to
-  exceed the memory specified here, the container is killed. The total amount of memory reserved
-  for all containers within a task must be lower than the task memory value, if one is specified.
-  EOF
-}
-
-variable containerPorts {
-  type        = list(number)
-  default     = []
-  description = <<EOF
-  Port mappings allow containers to access ports on the host container instance to send or receive traffic.
-  Each port number given will be mapped from the container to the host over the tcp protocol.
-  EOF
-}
-
-variable environment {
-  type        = map(string)
-  default     = {}
-  description = <<EOF
-  The non-secret environment variables to pass to a container.
-
-  Usage would be something like:
-  environment = {
-    SOME_ENV_VAR = "123"
-    SOME_OTHER_ENV_VAR = "nice"
-  }
-  EOF
-}
-
-variable secret_environment {
-  type        = map(string)
-  default     = {}
-  description = <<EOF
-  The secret environment variables to pass to a container.
-
-  Usage would be something like:
-  environment = {
-    SOME_ENV_VAR = "123"
-    SOME_OTHER_ENV_VAR = "nice"
-  }
-
-  These will be made into SSM SecureString parameters, which
-  will be dynamically fetched and set as env vars on boot.
-  EOF
-}
-
-variable tags {
-  type        = map(string)
-  description = "Tags to apply to all resources that support them"
-}
-
-variable ssm_prefix {
-  type        = string
-  description = "Prefix to put in front of all ssm parameter keys"
-  default     = "ssm"
-}
-
-variable deploy_env {
-  type        = string
-  description = "The environment resources are to be created in. Usually dev, staging, or prod"
-}
-
-variable aws_region {
-  type        = string
-  description = "The AWS region to create resources in."
-  default     = "eu-west-1"
-}
-
-variable use_cloudwatch_logs {
-  type        = bool
-  description = "If true, a cloudwatch group will be created and written to."
-  default     = true
-}
-
-# https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html
-variable log_configuration {
-  type = object({
-    logDriver = string
-    options   = map(string)
-  })
-  description = <<EOF
-  Log configuration options to send to a custom log driver for the container.
-  For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html
-
-  This parameter is ignored if use_cloudwatch_logs is true, and a log group will be automatically
-  written to.
-
-  Use log_secrets to set extra options here that should be secret, such as API keys for third party loggers.
-  EOF
-  default     = null
-}
-
-variable log_secrets {
-  type        = map(string)
-  default     = {}
-  description = "Used to add extra options to log_configuration.options that should be secret, such as third party API keys"
-}
diff --git a/modules/fargate_service/execution_role.tf b/modules/fargate_service/execution_role.tf
deleted file mode 100644
index df0da52..0000000
--- a/modules/fargate_service/execution_role.tf
+++ /dev/null
@@ -1,43 +0,0 @@
-data "aws_iam_policy_document" "ecs_cloudwatch_doc" {
-  statement {
-    actions = ["sts:AssumeRole"]
-    effect  = "Allow"
-    principals {
-      type        = "Service"
-      identifiers = ["ecs-tasks.amazonaws.com"]
-    }
-  }
-}
-
-resource "aws_iam_role" "execution_role" {
-  name_prefix        = "${var.deploy_env}-ecs-execution-role"
-  assume_role_policy = data.aws_iam_policy_document.ecs_cloudwatch_doc.json
-}
-
-locals {
-  policy_arns = concat(
-    var.additional_task_policy_arns,
-    ["arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"]
-  )
-}
-
-/**
- * This resource code seems pretty gross, but 'tis the way it has to be.
- *
- * If you were to use a for_each loop, the code would work cleanly like:
- * for_each = setunion(var.additional_task_policy_arns, ["arn:..."])
- *
- * The issue with that is that terraform doesn't then know how many resources
- * to create until the variable additional_task_policy_arns is fully realized,
- * which may be a computed value from the calling module. In that case, you
- * would have to use `-target other_targets.that.determine.the.var` before
- * you could create this resource, which is buggy and messes up CI.
- *
- * By forcing the calling module to pass an explicit count, we can always know how
- * many resources will be created at plan time.
- */
-resource "aws_iam_role_policy_attachment" "ecs_role_policy" {
-  count = var.additional_task_policy_arns_count + 1
-  role  = aws_iam_role.execution_role.name
-  policy_arn = local.policy_arns[count.index]
-}
diff --git a/modules/fargate_service/main.tf b/modules/fargate_service/main.tf
deleted file mode 100644
index 3d940cb..0000000
--- a/modules/fargate_service/main.tf
+++ /dev/null
@@ -1,80 +0,0 @@
-resource "aws_ecs_service" "service" {
-  name          = var.name
-  cluster       = var.cluster_id
-  desired_count = var.desired_count
-
-  task_definition = aws_ecs_task_definition.task.arn
-  launch_type     = "FARGATE"
-
-  network_configuration {
-    security_groups  = [aws_security_group.service_security_group.id]
-    subnets          = var.subnet_ids
-    assign_public_ip = false
-  }
-
-  deployment_controller {
-    type = "ECS"
-  }
-
-  health_check_grace_period_seconds = length(var.load_balancers) > 0 ? 60 : 0
-
-  dynamic "load_balancer" {
-    for_each = var.load_balancers
-    content {
-      target_group_arn = load_balancer.value.target_group_arn
-      container_name   = load_balancer.value.container_name
-      container_port   = load_balancer.value.container_port
-    }
-  }
-
-  # Allow external changes to service count without Terraform plan difference
-  lifecycle {
-    ignore_changes = [desired_count]
-  }
-
-  propagate_tags = "SERVICE"
-  tags           = var.tags
-}
-
-resource "aws_ecs_task_definition" "task" {
-  family                   = "${var.name}-task"
-  requires_compatibilities = ["FARGATE"]
-  network_mode             = "awsvpc"
-  cpu                      = var.cpu
-  memory                   = var.memory
-  execution_role_arn       = aws_iam_role.execution_role.arn
-  task_role_arn            = aws_iam_role.execution_role.arn
-  container_definitions    = var.container_definitions
-  tags                     = var.tags
-}
-
-resource "aws_security_group" "service_security_group" {
-  name        = "${var.name}-ecs-security-group"
-  description = "Allows inbound access to an ECS service only through its alb"
-  vpc_id      = var.vpc_id
-
-  dynamic "ingress" {
-    for_each = var.load_balancers
-    content {
-      from_port       = ingress.value.container_port
-      to_port         = ingress.value.container_port
-      security_groups = var.alb_security_group_ids
-      protocol        = "tcp"
-    }
-  }
-
-  # Allow all outgoing access
-  egress {
-    from_port   = 0
-    to_port     = 0
-    protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  timeouts {
-    create = "45m"
-    delete = "45m"
-  }
-
-  tags = var.tags
-}
diff --git a/modules/fargate_service/outputs.tf b/modules/fargate_service/outputs.tf
deleted file mode 100644
index a09d29a..0000000
--- a/modules/fargate_service/outputs.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-output "role_arn" {
-  value       = aws_iam_role.execution_role.arn
-  description = "Arn of the task execution role"
-}
-
-output "policy_arns" {
-  value = local.policy_arns
-  description = "Amazon resource names of all policies set on the IAM Role execution task"
-}
\ No newline at end of file
diff --git a/modules/fargate_service/variables.tf b/modules/fargate_service/variables.tf
deleted file mode 100644
index 1ded52b..0000000
--- a/modules/fargate_service/variables.tf
+++ /dev/null
@@ -1,90 +0,0 @@
-variable name {
-  description = "The name of the service. Used as a prefix for other resource names"
-}
-
-variable cluster_id {
-  description = <<EOF
-  The id of the ECS cluster this service belongs to.
-
-  Having multiple related services in one service can decrease cost
-  by more efficiently using a shared pool of resources.
-  EOF
-}
-
-variable desired_count {
-  type        = number
-  description = "The number of tasks to keep alive at all times"
-}
-
-variable vpc_id {
-  description = "ID of the VPC the alb is in"
-}
-
-variable subnet_ids {
-  type        = list(string)
-  description = "List of subnets tasks can be run in."
-}
-
-variable load_balancers {
-  type = list(object({
-    target_group_arn = string
-    container_name   = string
-    container_port   = string
-  }))
-
-  description = <<EOF
-  When using ECS services, the service will ensure that at least
-  {@variable desired_count} tasks are running at all times. Because
-  there can be multiple tasks running at once, we set up a load
-  balancer to ditribute traffic.
-
-  `target_group_arn` is the arn of the target group on that alb that will
-  be set to watch over the tasks managed by this service.
-  EOF
-}
-
-variable tags {
-  type        = map(string)
-  description = "Tags to set on all resources that support them"
-}
-
-variable cpu {
-  default     = 512
-  description = "How much CPU should be allocated to each app instance?"
-}
-
-variable memory {
-  default     = 1024
-  description = "How much memory should be allocated to each app instance?"
-}
-
-variable container_definitions {
-  type        = string
-  description = "JSON encoded list of container definitions"
-}
-
-variable additional_task_policy_arns {
-  type        = list(string)
-  description = "IAM Policy arns to be added to the tasks"
-}
-
-variable additional_task_policy_arns_count {
-  type        = number
-  description = "The number of items in var.additional_task_policy_arns. Terraform is not quite smart enough to figure this out on its own."
-}
-
-variable alb_security_group_ids {
-  type        = list(string)
-  description = "The ids of all security groups set on the ALB. We require that the tasks can only talk to the ALB"
-}
-
-variable deploy_env {
-  type        = string
-  description = "The environment resources are to be created in. Usually dev, staging, or prod"
-}
-
-variable aws_region {
-  type        = string
-  description = "The AWS region to create resources in."
-  default     = "eu-west-1"
-}
diff --git a/modules/sombra_load_balancers/versions.tf b/modules/sombra_load_balancers/versions.tf
new file mode 100644
index 0000000..1d23dfe
--- /dev/null
+++ b/modules/sombra_load_balancers/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+    }
+  }
+  required_version = ">= 0.13"
+}
diff --git a/versions.tf b/versions.tf
new file mode 100644
index 0000000..1d23dfe
--- /dev/null
+++ b/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+    }
+  }
+  required_version = ">= 0.13"
+}