diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cc95bede40ba34701c950351801881b9d22c0457..037625213453cc711d69e42647cd15f3597ef013 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,6 +3,8 @@ variables:
   AWS_TEST_SUBDIR: testing/legal-test-aws
   AWS_SERVICE: legal
   AWS_ENVIRONMENT: dev
+  AWS_DEPLOY_TARGET: EKS
+  AWS_EKS_DEPLOYMENT_NAME: os-legal
 
   GCP_BUILD_SUBDIR: provider/legal-gcp
   GCP_INT_TEST_SUBDIR: testing/legal-test-gcp
@@ -40,7 +42,7 @@ include:
     file: "scanners/gitlab-ultimate.yml"
 
   - project: "osdu/platform/ci-cd-pipelines"
-    file: "cloud-providers/aws.yml"
+    file: "cloud-providers/aws.yml"    
 
   - project: "osdu/platform/ci-cd-pipelines"
     file: "cloud-providers/ibm.yml"
diff --git a/NOTICE b/NOTICE
index ee9c83f6cb69ef23060dc65e5e0738af5f14b5eb..27df102c216b2e724ca81bbb4187fa77a7970549 100644
--- a/NOTICE
+++ b/NOTICE
@@ -29,20 +29,6 @@ The following software have components provided under the terms of this license:
 - AMQP 1.0 JMS Spring Boot Starter (from https://repo1.maven.org/maven2/org/amqphub/spring/amqp-10-jms-spring-boot-starter)
 - ASM based accessors helper used by json-smart (from )
 - ASM based accessors helper used by json-smart (from )
-- AWS Event Stream (from https://github.com/awslabs/aws-eventstream-java)
-- AWS Java SDK :: AWS Core (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Annotations (from https://repo1.maven.org/maven2/software/amazon/awssdk/annotations)
-- AWS Java SDK :: Auth (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Core :: Protocols :: AWS Json Protocol (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Core :: Protocols :: Protocol Core (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: HTTP Client Interface (from https://repo1.maven.org/maven2/software/amazon/awssdk/http-client-spi)
-- AWS Java SDK :: HTTP Clients :: Apache (from https://repo1.maven.org/maven2/software/amazon/awssdk/apache-client)
-- AWS Java SDK :: HTTP Clients :: Netty Non-Blocking I/O (from https://repo1.maven.org/maven2/software/amazon/awssdk/netty-nio-client)
-- AWS Java SDK :: Profiles (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Regions (from https://repo1.maven.org/maven2/software/amazon/awssdk/regions)
-- AWS Java SDK :: SDK Core (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Services :: AWS Simple Systems Management (SSM) (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Utilities (from https://repo1.maven.org/maven2/software/amazon/awssdk/utils)
 - AWS Java SDK for AWS Amplify (from https://aws.amazon.com/sdkforjava)
 - AWS Java SDK for AWS App Mesh (from https://aws.amazon.com/sdkforjava)
 - AWS Java SDK for AWS AppSync (from https://aws.amazon.com/sdkforjava)
@@ -479,8 +465,6 @@ The following software have components provided under the terms of this license:
 - Mojo's Maven plugin for Cobertura (from http://mojo.codehaus.org/cobertura-maven-plugin/)
 - MongoDB Driver (from http://www.mongodb.org)
 - MongoDB Java Driver Core (from http://www.mongodb.org)
-- Netty Reactive Streams HTTP support (from https://repo1.maven.org/maven2/com/typesafe/netty/netty-reactive-streams-http)
-- Netty Reactive Streams Implementation (from https://repo1.maven.org/maven2/com/typesafe/netty/netty-reactive-streams)
 - Netty/Buffer (from https://repo1.maven.org/maven2/io/netty/netty-buffer)
 - Netty/Codec (from https://repo1.maven.org/maven2/io/netty/netty-codec)
 - Netty/Codec/DNS (from https://repo1.maven.org/maven2/io/netty/netty-codec-dns)
@@ -1050,7 +1034,6 @@ public-domain
 ========================================================================
 The following software have components provided under the terms of this license:
 
-- AWS Java SDK :: SDK Core (from https://aws.amazon.com/sdkforjava)
 - AWS SDK for Java - Models (from https://aws.amazon.com/sdkforjava)
 - Apache Groovy (from https://groovy-lang.org)
 - Apache Groovy (from https://groovy-lang.org)
diff --git a/provider/legal-aws/build-aws/buildspec.yaml b/provider/legal-aws/build-aws/buildspec.yaml
index e4071081c1c4481a49bd54f6e40c12e01b657b04..731961d497f3c6f072a69579f85e8bf07467fd93 100644
--- a/provider/legal-aws/build-aws/buildspec.yaml
+++ b/provider/legal-aws/build-aws/buildspec.yaml
@@ -21,6 +21,11 @@ env:
   secrets-manager:
     DOCKER_USERNAME: /osdu/devops/docker_credentials:username
     DOCKER_PASSWORD: /osdu/devops/docker_credentials:password
+    SONAR_USERNAME: /osdu/devops/sonar_credentials:username
+    SONAR_PASSWORD: /osdu/devops/sonar_credentials:password
+  
+  parameter-store:
+    SONAR_URL: /osdu/devops/sonar_url
 
 phases:
   install:
@@ -60,7 +65,7 @@ phases:
       - printenv
 
       - echo "Building primary service assemblies..."
-      - mvn -ntp -B test install -pl legal-core,provider/legal-aws -Ddeployment.environment=prod
+      - mvn -ntp -B test install sonar:sonar -pl .,legal-core,provider/legal-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME} 
 
 #      Suspended until further notice
 #      - echo "Copying assemblies to dist..."
@@ -85,6 +90,9 @@ phases:
         python provider/legal-aws/build-aws/build-info.py --branch ${CODEBUILD_SOURCE_VERSION} --commit ${CODEBUILD_RESOLVED_SOURCE_VERSION} \
           --buildid ${CODEBUILD_BUILD_ID} --buildnumber ${CODEBUILD_BUILD_NUMBER} --reponame ${REPO_NAME} --outdir ${OUTPUT_DIR} \
           --artifact ${ECR_IMAGE}
+  post_build:
+    commands:
+      - cp provider/legal-aws/target/dependency-check-report.html ${OUTPUT_DIR}
 reports:
   SurefireReports: # CodeBuild will create a report group called "SurefireReports".
     files: #Store all of the files
diff --git a/provider/legal-aws/maven/settings.xml b/provider/legal-aws/maven/settings.xml
index 7a6c05029421b0b3d5f66b77b4a38ea57a72bdfb..2236ea5de89bdee61b20327c1bf9eb27d4274eed 100644
--- a/provider/legal-aws/maven/settings.xml
+++ b/provider/legal-aws/maven/settings.xml
@@ -53,6 +53,17 @@
                 <azure.devops.token>no-default</azure.devops.token>
             </properties>
         </profile>
+        <profile>
+            <id>sonar</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <properties>
+                <sonar.host.url>
+                    ${env.SONAR_URL}
+                </sonar.host.url>
+            </properties>
+        </profile>
     </profiles>
 
     <servers>
diff --git a/provider/legal-aws/pom.xml b/provider/legal-aws/pom.xml
index 500ca16f156d8117b8764f2e557a6ac5323213fd..b43b3e9f8ef7d56f7bf3b086d00c1af3aeccf097 100644
--- a/provider/legal-aws/pom.xml
+++ b/provider/legal-aws/pom.xml
@@ -37,7 +37,7 @@
         <dependency>
             <groupId>org.opengroup.osdu.core.aws</groupId>
             <artifactId>os-core-lib-aws</artifactId>
-            <version>0.10.0</version>
+            <version>0.11.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>org.opengroup.osdu</groupId>
@@ -160,6 +160,18 @@
                     <threadCount>1</threadCount>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.owasp</groupId>
+                <artifactId>dependency-check-maven</artifactId>
+                <version>6.2.2</version>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
     </build>
 
diff --git a/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/countries/StorageReaderFactoryImpl.java b/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/countries/StorageReaderFactoryImpl.java
index d8c8ac5adec515ba0e19b34a0a9ebe2817aebeac..a7f3cd6240dd4ce3a13174bb4d54c9a4db482292 100644
--- a/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/countries/StorageReaderFactoryImpl.java
+++ b/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/countries/StorageReaderFactoryImpl.java
@@ -14,8 +14,6 @@
 
 package org.opengroup.osdu.legal.aws.countries;
 
-import org.opengroup.osdu.core.aws.ssm.ParameterStorePropertySource;
-import org.opengroup.osdu.core.aws.ssm.SSMConfig;
 import org.opengroup.osdu.core.common.model.http.DpsHeaders;
 import org.opengroup.osdu.core.common.model.tenant.TenantInfo;
 import org.opengroup.osdu.legal.provider.interfaces.IStorageReader;
diff --git a/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/jobs/LegalTagPublisherImpl.java b/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/jobs/LegalTagPublisherImpl.java
index 4f44eba422b066485f26c119b45c11a779ffb30d..a130bd8f47d05626b8fd41b56f344d9c72c3ca74 100644
--- a/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/jobs/LegalTagPublisherImpl.java
+++ b/provider/legal-aws/src/main/java/org/opengroup/osdu/legal/aws/jobs/LegalTagPublisherImpl.java
@@ -18,10 +18,9 @@ package org.opengroup.osdu.legal.aws.jobs;
 import com.amazonaws.services.sns.model.MessageAttributeValue;
 import com.amazonaws.services.sns.model.PublishRequest;
 import com.amazonaws.services.sns.AmazonSNS;
-import org.opengroup.osdu.core.aws.ssm.ParameterStorePropertySource;
-import org.opengroup.osdu.core.aws.ssm.SSMConfig;
+import org.opengroup.osdu.core.aws.ssm.K8sLocalParameterProvider;
+import org.opengroup.osdu.core.aws.ssm.K8sParameterNotFoundException;
 import org.opengroup.osdu.core.common.model.http.DpsHeaders;
-
 import org.opengroup.osdu.core.aws.sns.AmazonSNSConfig;
 import org.opengroup.osdu.core.aws.sns.PublishRequestBuilder;
 import org.opengroup.osdu.core.common.model.legal.StatusChangedTag;
@@ -44,17 +43,14 @@ public class LegalTagPublisherImpl implements ILegalTagPublisher {
 
     private AmazonSNS snsClient;
 
-    @Value("${aws.legal.sns.topic.arn}")
-    String legalTopicSnsArn;
 
-    private ParameterStorePropertySource ssm;
+
     @PostConstruct
-    public void init(){
+    public void init() throws K8sParameterNotFoundException {
         AmazonSNSConfig snsConfig = new AmazonSNSConfig(amazonSNSRegion);
         snsClient = snsConfig.AmazonSNS();
-        SSMConfig ssmConfig = new SSMConfig();
-        ssm = ssmConfig.amazonSSM();
-        amazonSNSTopic = ssm.getProperty(legalTopicSnsArn).toString();
+        K8sLocalParameterProvider provider = new K8sLocalParameterProvider();
+        amazonSNSTopic = provider.getParameterAsString("legal-sns-topic-arn");
     }
 
     @Override
diff --git a/provider/legal-aws/src/main/resources/application.properties b/provider/legal-aws/src/main/resources/application.properties
index 08303fee0d8ca928e2fa0c73cee9b5fbef9b9b50..ad526a4e335f04f359155d45fda7faadd1ed5268 100644
--- a/provider/legal-aws/src/main/resources/application.properties
+++ b/provider/legal-aws/src/main/resources/application.properties
@@ -26,7 +26,6 @@ aws.sns.region=${AWS_REGION}
 
 aws.ssm=${SSM_ENABLED}
 aws.ssm.prefix=/osdu/${ENVIRONMENT}
-aws.legal.sns.topic.arn=${aws.ssm.prefix}/legal/legal-sns-topic-arn
 
 aws.s3.configbucket.ssm.relativePath=${CONFIG_BUCKET_SSM_RELATIVE_PATH:legal/s3DataBucket}
 aws.s3.configfilename.ssm.relativePath=${CONFIG_FILE_SSM_RELATIVE_PATH:legal/s3ConfigFileName}