diff --git a/README.md b/README.md
index 6b3a24d..338bd24 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ Currently, both the management and environment VPCs will be deployed in the same
 1. Install additional dependencies:
 * [Ansible](https://docs.ansible.com/ansible/latest/intro_installation.html)
 * [Packer](https://www.packer.io/)
- * [Terraform](https://www.terraform.io/)
+ * [Terraform](https://www.terraform.io/) 0.11.0+
 1. Install Ansible dependencies.
 
 ```sh
diff --git a/terraform/mgmt/monitoring.tf b/terraform/mgmt/monitoring.tf
index e8ca5c3..6d82aed 100644
--- a/terraform/mgmt/monitoring.tf
+++ b/terraform/mgmt/monitoring.tf
@@ -5,3 +5,11 @@ module "alerting" {
 general_availability_protocol = "${var.general_availability_protocol}"
 general_availability_endpoint = "${var.general_availability_endpoint}"
 }
+
+module "ekk_stack" {
+ source = "github.com/GSA/devsecops-ekk-stack//terraform"
+
+ s3_logging_bucket_name = "${var.s3_logging_bucket_name}"
+ kinesis_delivery_stream = "${var.kinesis_delivery_stream}"
+ ekk_kinesis_stream_name = "${var.ekk_kinesis_stream_name}"
+}
diff --git a/terraform/mgmt/variables.tf b/terraform/mgmt/variables.tf
index 0e366ac..d569353 100644
--- a/terraform/mgmt/variables.tf
+++ b/terraform/mgmt/variables.tf
@@ -29,6 +29,18 @@ variable "general_availability_endpoint" {
 description = "The destination (such as an email address) to send the monitoring alerts to. More info under https://docs.aws.amazon.com/cli/latest/reference/sns/subscribe.html#options. Note that changing this value will require you to run a 'taint aws_sns_topic.sns_general_availability' before an 'apply'."
 }
 
+variable "s3_logging_bucket_name" {
+ default = "devsecops-logging"
+}
+
+variable "kinesis_delivery_stream" {
+ default = "devsecops-logging"
+}
+
+variable "ekk_kinesis_stream_name" {
+ default = "devsecops-logging-ekk"
+}
+
 variable "deployer_username" {
 default = "circleci-deployer"
 description = "Username for the AWS IAM user"
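Review bot: The `source` of the new `ekk_stack` module in terraform/mgmt/monitoring.tf carries no `ref`, so each fresh `terraform init` resolves to whatever is on that repository's default branch at the time. Judging by its inputs the module wires up log delivery for the mgmt configuration, so an upstream change would reach it without being reviewed in this repository. Pin the module to a reviewed tag or commit, e.g. `source = "github.com/GSA/devsecops-ekk-stack//terraform?ref=<PINNED_TAG_OR_COMMIT>"`, and bump the ref deliberately.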
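Review bot: The three variables added in terraform/mgmt/variables.tf have no `description`, unlike `general_availability_endpoint` above them and `deployer_username` below. The gap matters most for `s3_logging_bucket_name`: S3 bucket names are global, so the fixed default `devsecops-logging` can belong to only one account. Whether the module creates the bucket or writes to an existing one is not visible in this diff, so the variable should say that the default must be overridden, e.g. `description = "Name of the S3 bucket that receives logs; bucket names are globally unique, so override the default per deployment."`. The two stream variables would benefit from a one-line description each, stating which resource the name is applied to.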