diff --git a/.gitignore b/.gitignore
index 03232e59..ccd3f583 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,7 +28,8 @@ tmp/pids/*
 
 .terraform
 terraform/aks/vendor
+terraform/custom_domains/environment_domains/vendor
+terraform/custom_domains/infrastructure/vendor
 terraform.tfstate*
-bin/terrafile
 bin/konduit.sh
 bin/fetch_config.rb
diff --git a/Makefile b/Makefile
index 95bf85fb..54e46246 100644
--- a/Makefile
+++ b/Makefile
@@ -41,21 +41,16 @@ production: production-cluster
 ci:
 	$(eval export AUTO_APPROVE=-auto-approve)
 
-install-terrafile: ## Install terrafile to manage terraform modules
-	[ ! -f bin/terrafile ] \
-		&& curl -sL https://github.com/coretech/terrafile/releases/download/v${TERRAFILE_VERSION}/terrafile_${TERRAFILE_VERSION}_$$(uname)_x86_64.tar.gz \
-		| tar xz -C ./bin terrafile \
-		|| true
-
 set-azure-account:
 	az account set -s ${AZ_SUBSCRIPTION}
 
-terraform-init: install-terrafile set-azure-account
+terraform-init: set-azure-account
 	$(if $(IMAGE_TAG), , $(eval export IMAGE_TAG=main))
 	$(eval export TF_VAR_app_docker_image=ghcr.io/dfe-digital/check-childrens-barred-list:$(IMAGE_TAG))
 
 	$(if $(APP_NAME), $(eval KEY_PREFIX=$(APP_NAME)), $(eval KEY_PREFIX=$(ENVIRONMENT)))
-	./bin/terrafile -p terraform/aks/vendor/modules -f terraform/aks/config/$(CONFIG)_Terrafile
+	rm -rf terraform/aks/vendor/modules/aks
+	git -c advice.detachedHead=false clone --depth=1 --single-branch --branch ${TERRAFORM_MODULES_TAG} https://github.com/DFE-Digital/terraform-modules.git terraform/aks/vendor/modules/aks
 	terraform -chdir=terraform/aks init -upgrade -reconfigure \
 		-backend-config=resource_group_name=${RESOURCE_GROUP_NAME} \
 		-backend-config=storage_account_name=${STORAGE_ACCOUNT_NAME} \
@@ -135,6 +130,9 @@ dns:
 	$(eval include global_config/dns-domain.sh)
 
 domains-infra-init: set-azure-account
+	rm -rf terraform/custom_domains/infrastructure/vendor/modules/domains
+	git -c advice.detachedHead=false clone --depth=1 --single-branch --branch ${TERRAFORM_MODULES_TAG} https://github.com/DFE-Digital/terraform-modules.git terraform/custom_domains/infrastructure/vendor/modules/domains
+
 	terraform -chdir=terraform/custom_domains/infrastructure init -reconfigure -upgrade \
 		-backend-config=config/${DOMAINS_ID}_backend.tfvars
 
@@ -145,6 +143,8 @@ domains-infra-apply: domains-infra-init # make dns domains-infra-apply
 	terraform -chdir=terraform/custom_domains/infrastructure apply -var-file config/${DOMAINS_ID}.tfvars.json ${AUTO_APPROVE}
 
 domains-init: set-azure-account
+	rm -rf terraform/custom_domains/environment_domains/vendor/modules/domains
+	git -c advice.detachedHead=false clone --depth=1 --single-branch --branch ${TERRAFORM_MODULES_TAG} https://github.com/DFE-Digital/terraform-modules.git terraform/custom_domains/environment_domains/vendor/modules/domains
 	$(if $(PR_NUMBER), $(eval DEPLOY_ENV=${PR_NUMBER}))
 	terraform -chdir=terraform/custom_domains/environment_domains init -upgrade -reconfigure -backend-config=config/${DOMAINS_ID}_${DEPLOY_ENV}_backend.tfvars
 
diff --git a/global_config/dns-domain.sh b/global_config/dns-domain.sh
index 473d8042..a060534b 100644
--- a/global_config/dns-domain.sh
+++ b/global_config/dns-domain.sh
@@ -9,3 +9,4 @@ KEYVAULT_NAME=${RESOURCE_NAME_PREFIX}-${DNS_ZONE}domains-kv
 STORAGE_ACCOUNT_NAME=${RESOURCE_NAME_PREFIX}${DNS_ZONE}domainstf
 DOMAINS_ID=ccbl
 RUN_TERRAFILE=yes
+TERRAFORM_MODULES_TAG=stable
diff --git a/global_config/preproduction.sh b/global_config/preproduction.sh
index 810d52cc..6c6a467c 100644
--- a/global_config/preproduction.sh
+++ b/global_config/preproduction.sh
@@ -7,3 +7,4 @@ AZURE_RESOURCE_PREFIX=s189t01
 RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg
 KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-kv
 STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}tfstate${CONFIG_SHORT}sa
+TERRAFORM_MODULES_TAG=testing
diff --git a/global_config/production.sh b/global_config/production.sh
index 6192033a..5624adb4 100644
--- a/global_config/production.sh
+++ b/global_config/production.sh
@@ -7,3 +7,4 @@ AZURE_RESOURCE_PREFIX=s189p01
 RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg
 KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-kv
 STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}tfstate${CONFIG_SHORT}sa
+TERRAFORM_MODULES_TAG=stable
diff --git a/global_config/review.sh b/global_config/review.sh
index 424dd2c3..10c0a4d6 100644
--- a/global_config/review.sh
+++ b/global_config/review.sh
@@ -7,3 +7,4 @@ AZURE_RESOURCE_PREFIX=s189t01
 RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg
 KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-kv
 STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}tfstate${CONFIG_SHORT}sa
+TERRAFORM_MODULES_TAG=main
diff --git a/global_config/test.sh b/global_config/test.sh
index b0d1e34a..76a74f44 100644
--- a/global_config/test.sh
+++ b/global_config/test.sh
@@ -7,3 +7,4 @@ AZURE_RESOURCE_PREFIX=s189t01
 RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg
 KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-kv
 STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}tfstate${CONFIG_SHORT}sa
+TERRAFORM_MODULES_TAG=main
diff --git a/terraform/aks/config/preproduction_Terrafile b/terraform/aks/config/preproduction_Terrafile
deleted file mode 100644
index 465040b9..00000000
--- a/terraform/aks/config/preproduction_Terrafile
+++ /dev/null
@@ -1,3 +0,0 @@
-aks:
-  source:  "https://github.com/DFE-Digital/terraform-modules"
-  version: "main"
diff --git a/terraform/aks/config/production_Terrafile b/terraform/aks/config/production_Terrafile
deleted file mode 100644
index 75c5052f..00000000
--- a/terraform/aks/config/production_Terrafile
+++ /dev/null
@@ -1,3 +0,0 @@
-aks:
-  source:  "https://github.com/DFE-Digital/terraform-modules"
-  version: "stable"
diff --git a/terraform/aks/config/review_Terrafile b/terraform/aks/config/review_Terrafile
deleted file mode 100644
index 465040b9..00000000
--- a/terraform/aks/config/review_Terrafile
+++ /dev/null
@@ -1,3 +0,0 @@
-aks:
-  source:  "https://github.com/DFE-Digital/terraform-modules"
-  version: "main"
diff --git a/terraform/aks/config/test_Terrafile b/terraform/aks/config/test_Terrafile
deleted file mode 100644
index 465040b9..00000000
--- a/terraform/aks/config/test_Terrafile
+++ /dev/null
@@ -1,3 +0,0 @@
-aks:
-  source:  "https://github.com/DFE-Digital/terraform-modules"
-  version: "main"
diff --git a/terraform/custom_domains/environment_domains/.terraform.lock.hcl b/terraform/custom_domains/environment_domains/.terraform.lock.hcl
index 10fdcc67..8c3d1278 100644
--- a/terraform/custom_domains/environment_domains/.terraform.lock.hcl
+++ b/terraform/custom_domains/environment_domains/.terraform.lock.hcl
@@ -5,6 +5,7 @@ provider "registry.terraform.io/hashicorp/azurerm" {
   version     = "3.116.0"
   constraints = "3.116.0"
   hashes = [
+    "h1:2QbjtN4oMXzdA++Nvrj/wSmWZTPgXKOSFGGQCLEMrb4=",
     "h1:BCR3NIorFSvGG3v/+JOiiw3VM4PkChLO4m84wzD9NDo=",
     "zh:02b6606aff025fc2a962b3e568e000300abe959adac987183c24dac8eb057f4d",
     "zh:2a23a8ce24ff9e885925ffee0c3ea7eadba7a702541d05869275778aa47bdea7",
diff --git a/terraform/custom_domains/environment_domains/main.tf b/terraform/custom_domains/environment_domains/main.tf
index f7e11e3a..493bdb24 100644
--- a/terraform/custom_domains/environment_domains/main.tf
+++ b/terraform/custom_domains/environment_domains/main.tf
@@ -1,7 +1,7 @@
 # Used to create domains to be managed by front door.
 module "domains" {
   for_each              = var.hosted_zone
-  source                = "git::https://github.com/DFE-Digital/terraform-modules.git//domains/environment_domains?ref=stable"
+  source                = "./vendor/modules/domains//domains/environment_domains"
   zone                  = each.key
   front_door_name       = each.value.front_door_name
   resource_group_name   = each.value.resource_group_name
@@ -15,6 +15,6 @@ module "domains" {
 
 # Takes values from hosted_zone.domain_name.cnames (or txt_records, a-records). Use for domains which are not associated with front door.
 module "dns_records" {
-  source      = "git::https://github.com/DFE-Digital/terraform-modules.git//dns/records?ref=stable"
+  source      = "./vendor/modules/domains//dns/records"
   hosted_zone = var.hosted_zone
 }
diff --git a/terraform/custom_domains/infrastructure/.terraform.lock.hcl b/terraform/custom_domains/infrastructure/.terraform.lock.hcl
index 10fdcc67..8c3d1278 100644
--- a/terraform/custom_domains/infrastructure/.terraform.lock.hcl
+++ b/terraform/custom_domains/infrastructure/.terraform.lock.hcl
@@ -5,6 +5,7 @@ provider "registry.terraform.io/hashicorp/azurerm" {
   version     = "3.116.0"
   constraints = "3.116.0"
   hashes = [
+    "h1:2QbjtN4oMXzdA++Nvrj/wSmWZTPgXKOSFGGQCLEMrb4=",
     "h1:BCR3NIorFSvGG3v/+JOiiw3VM4PkChLO4m84wzD9NDo=",
     "zh:02b6606aff025fc2a962b3e568e000300abe959adac987183c24dac8eb057f4d",
     "zh:2a23a8ce24ff9e885925ffee0c3ea7eadba7a702541d05869275778aa47bdea7",
diff --git a/terraform/custom_domains/infrastructure/main.tf b/terraform/custom_domains/infrastructure/main.tf
index 1628da9d..b2fee8cb 100644
--- a/terraform/custom_domains/infrastructure/main.tf
+++ b/terraform/custom_domains/infrastructure/main.tf
@@ -1,5 +1,5 @@
 module "domains_infrastructure" {
-  source                 = "git::https://github.com/DFE-Digital/terraform-modules.git//domains/infrastructure?ref=stable"
+  source                 = "./vendor/modules/domains//domains/infrastructure"
   hosted_zone            = var.hosted_zone
   tags                   = var.tags
   deploy_default_records = var.deploy_default_records