diff --git a/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf b/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf
index 5a2524f88d..294dd7bece 100644
--- a/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf
+++ b/terraform/aws/analytical-platform-data-production/tooling-iam/tooling-integration-iam-policies.tf
@@ -63,7 +63,14 @@ data "aws_iam_policy_document" "bedrock_integration" {
     }
   }
 }
-#tfsec:ignore:aws-iam-no-policy-wildcards
+
+resource "aws_iam_policy" "bedrock_integration" {
+  name        = "analytical-platform-bedrock-integration"
+  description = "Permissions needed to allow access to Bedrock in Frankfurt from tooling."
+  policy      = data.aws_iam_policy_document.bedrock_integration.json
+}
+
+#trivy:ignore:aws-iam-no-policy-wildcards
 data "aws_iam_policy_document" "quicksight_author" {
   #checkov:skip=CKV_AWS_111: This is a service policy
   #checkov:skip=CKV_AWS_356: Needs to access multiple resources
@@ -72,7 +79,7 @@ data "aws_iam_policy_document" "quicksight_author" {
     sid       = "CreateAuthor"
     effect    = "Allow"
     actions   = ["quicksight:CreateUser"]
-    resources = ["arn:aws:quicksight::593291632749:user/${data.aws_caller_identity.current.user_id}"]
+    resources = ["arn:aws:quicksight::${var.account_ids["analytical-platform-data-production"]}:user/$${aws:userid}"]
   }
 
   statement {
@@ -105,13 +112,8 @@ data "aws_iam_policy_document" "quicksight_author" {
     resources = ["*"]
   }
 }
-resource "aws_iam_policy" "bedrock_integration" {
-  name        = "analytical-platform-bedrock-integration"
-  description = "Permissions needed to allow access to Bedrock in Frankfurt from tooling."
-  policy      = data.aws_iam_policy_document.bedrock_integration.json
-}
+
 resource "aws_iam_policy" "quicksight_author" {
-  name        = "alpha-quicksight-author-access"
-  description = "Permissions needed to for author access to Quicksight"
-  policy      = data.aws_iam_policy_document.quicksight_author.json
+  name   = "alpha-quicksight-author-access"
+  policy = data.aws_iam_policy_document.quicksight_author.json
 }
diff --git a/terraform/aws/analytical-platform-development/cluster/tooling-integration-iam-policies.tf b/terraform/aws/analytical-platform-development/cluster/tooling-integration-iam-policies.tf
index cd70e992ad..1d54093f56 100644
--- a/terraform/aws/analytical-platform-development/cluster/tooling-integration-iam-policies.tf
+++ b/terraform/aws/analytical-platform-development/cluster/tooling-integration-iam-policies.tf
@@ -61,57 +61,8 @@ data "aws_iam_policy_document" "bedrock_integration" {
   }
 }
 
-#tfsec:ignore:aws-iam-no-policy-wildcards
-data "aws_iam_policy_document" "quicksight_author" {
-  #checkov:skip=CKV_AWS_111: This is a service policy
-  #checkov:skip=CKV_AWS_356: Needs to access multiple resources
-
-  statement {
-    sid       = "CreateAuthor"
-    effect    = "Allow"
-    actions   = ["quicksight:CreateUser"]
-    resources = ["arn:aws:quicksight::593291632749:user/${data.aws_caller_identity.current.user_id}"]
-  }
-
-  statement {
-    sid    = "QuicksightAuthor"
-    effect = "Allow"
-
-    actions = [
-      "quicksight:UpdateTemplate",
-      "quicksight:ListUsers",
-      "quicksight:UpdateDashboard",
-      "quicksight:CreateTemplate",
-      "quicksight:ListTemplates",
-      "quicksight:DescribeTemplate",
-      "quicksight:DescribeDataSource",
-      "quicksight:DescribeDataSourcePermissions",
-      "quicksight:PassDataSource",
-      "quicksight:UpdateDataSource",
-      "quicksight:UpdateDataSetPermissions",
-      "quicksight:DescribeDataSet",
-      "quicksight:DescribeDataSetPermissions",
-      "quicksight:PassDataSet",
-      "quicksight:DescribeIngestion",
-      "quicksight:ListIngestions",
-      "quicksight:UpdateDataSet",
-      "quicksight:DeleteDataSet",
-      "quicksight:CreateIngestion",
-      "quicksight:CancelIngestion"
-    ]
-
-    resources = ["*"]
-  }
-}
-
 resource "aws_iam_policy" "bedrock_integration" {
   name        = "analytical-platform-bedrock-integration"
   description = "Permissions needed to allow access to Bedrock in Frankfurt from tooling."
   policy      = data.aws_iam_policy_document.bedrock_integration.json
 }
-
-resource "aws_iam_policy" "quicksight_author" {
-  name        = "dev-quicksight-author-access"
-  description = "Permissions needed to for author access to Quicksight"
-  policy      = data.aws_iam_policy_document.quicksight_author.json
-}
diff --git a/terraform/aws/analytical-platform-development/tooling-iam/.terraform.lock.hcl b/terraform/aws/analytical-platform-development/tooling-iam/.terraform.lock.hcl
new file mode 100644
index 0000000000..cf295d493f
--- /dev/null
+++ b/terraform/aws/analytical-platform-development/tooling-iam/.terraform.lock.hcl
@@ -0,0 +1,25 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "5.52.0"
+  constraints = "5.52.0"
+  hashes = [
+    "h1:J3LWKMuD1JwXmlleW3vJ7FHk/Dc+gCLgrpRtjBxZ5Ro=",
+    "zh:22c4599d47cd59e5519c52afc528fa2aec43b4434f369870ee2806daa071449d",
+    "zh:3c2edc482662a654f84db4cd3f2cdd8f200147207d053d2e95082744b7814e6d",
+    "zh:57edc36f908c64de37e92a978f3d675604315a725268da936fcd1e270199db47",
+    "zh:79e7afd5fb161f2eb2b7f8e7fd5cbb7f56a2c64f141b56f511ec69337ad3e96b",
+    "zh:82c6ae9a7f971b6ee8c476b6eb7f1be9d24ddd183cbf025f52628084ddb3a5ae",
+    "zh:92faecc0a8f573f57f37d24415862380a40341eb13d66beb738dd0873899a58e",
+    "zh:963d3c0e1aa22c872cd96f04ceb41c388137b972f714efbde989221bf7f6f723",
+    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+    "zh:af6d3bb94aa8a84d740e3731d2379cc5e12aa48d5db0f7489c4639f3814a22d7",
+    "zh:b9f7aceeaf5daf71394eab9bf0f9f56fdc762cac90e4d62e63aa3fcdf6c1c127",
+    "zh:c3dcfc2569edae4f36b798c76da7f7633e7bf322505d447d7c370a56c2a30dd2",
+    "zh:c8abb21c5ceba857f0eaff9e531d781dc655f8cdfae1cf056066daae72546a7f",
+    "zh:d92004a6a2a770d2542fd9c01b685418ab8d7ab422cf2cdce35dde789bc8593c",
+    "zh:dc794660b1d6d8f26a917e0ffab1875aa75144736875efaa60f29c72bf02afbf",
+    "zh:df931c4905e35ae43d558f6cda15f05710a7a24ecbb94533f8822e7572126512",
+  ]
+}
diff --git a/terraform/aws/analytical-platform-development/tooling-iam/terraform.tf b/terraform/aws/analytical-platform-development/tooling-iam/terraform.tf
new file mode 100644
index 0000000000..01bcefa2d7
--- /dev/null
+++ b/terraform/aws/analytical-platform-development/tooling-iam/terraform.tf
@@ -0,0 +1,38 @@
+terraform {
+  backend "s3" {
+    acl            = "private"
+    bucket         = "global-tf-state-aqsvzyd5u9"
+    encrypt        = true
+    key            = "aws/analytical-platform-development/tooling-iam/terraform.tfstate"
+    region         = "eu-west-2"
+    dynamodb_table = "global-tf-state-aqsvzyd5u9-locks"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "5.52.0"
+    }
+  }
+  required_version = "~> 1.5"
+}
+
+provider "aws" {
+  region = "eu-west-1"
+  assume_role {
+    role_arn = "arn:aws:iam::${var.account_ids["analytical-platform-development"]}:role/GlobalGitHubActionAdmin"
+  }
+  default_tags {
+    tags = var.tags
+  }
+}
+
+provider "aws" {
+  alias  = "analytical-platform-management-production"
+  region = "eu-west-1"
+  assume_role {
+    role_arn = can(regex("AdministratorAccess", data.aws_iam_session_context.session.issuer_arn)) ? null : "arn:aws:iam::${var.account_ids["analytical-platform-management-production"]}:role/GlobalGitHubActionAdmin"
+  }
+  default_tags {
+    tags = var.tags
+  }
+}
diff --git a/terraform/aws/analytical-platform-development/tooling-iam/terraform.tfvars b/terraform/aws/analytical-platform-development/tooling-iam/terraform.tfvars
new file mode 100644
index 0000000000..a1c547e371
--- /dev/null
+++ b/terraform/aws/analytical-platform-development/tooling-iam/terraform.tfvars
@@ -0,0 +1,19 @@
+##################################################
+# General
+##################################################
+
+account_ids = {
+  analytical-platform-development           = "525294151996"
+  analytical-platform-management-production = "042130406152"
+}
+
+tags = {
+  business-unit          = "Platforms"
+  application            = "Analytical Platform"
+  component              = "Tooling IAM"
+  environment            = "development"
+  is-production          = "false"
+  owner                  = "analytical-platform:analytics-platform-tech@digital.justice.gov.uk"
+  infrastructure-support = "analytical-platform:analytics-platform-tech@digital.justice.gov.uk"
+  source-code            = "github.com/ministryofjustice/analytical-platform/terraform/aws/analytical-platform-development/tooling-iam"
+}
diff --git a/terraform/aws/analytical-platform-development/tooling-iam/tooling-integration-iam-policies.tf b/terraform/aws/analytical-platform-development/tooling-iam/tooling-integration-iam-policies.tf
new file mode 100644
index 0000000000..da5318297c
--- /dev/null
+++ b/terraform/aws/analytical-platform-development/tooling-iam/tooling-integration-iam-policies.tf
@@ -0,0 +1,47 @@
+#trivy:ignore:aws-iam-no-policy-wildcards
+data "aws_iam_policy_document" "quicksight_author" {
+  #checkov:skip=CKV_AWS_111: This is a service policy
+  #checkov:skip=CKV_AWS_356: Needs to access multiple resources
+
+  statement {
+    sid       = "CreateAuthor"
+    effect    = "Allow"
+    actions   = ["quicksight:CreateUser"]
+    resources = ["arn:aws:quicksight::${var.account_ids["analytical-platform-development"]}:user/$${aws:userid}"]
+  }
+
+  statement {
+    sid    = "QuicksightAuthor"
+    effect = "Allow"
+
+    actions = [
+      "quicksight:UpdateTemplate",
+      "quicksight:ListUsers",
+      "quicksight:UpdateDashboard",
+      "quicksight:CreateTemplate",
+      "quicksight:ListTemplates",
+      "quicksight:DescribeTemplate",
+      "quicksight:DescribeDataSource",
+      "quicksight:DescribeDataSourcePermissions",
+      "quicksight:PassDataSource",
+      "quicksight:UpdateDataSource",
+      "quicksight:UpdateDataSetPermissions",
+      "quicksight:DescribeDataSet",
+      "quicksight:DescribeDataSetPermissions",
+      "quicksight:PassDataSet",
+      "quicksight:DescribeIngestion",
+      "quicksight:ListIngestions",
+      "quicksight:UpdateDataSet",
+      "quicksight:DeleteDataSet",
+      "quicksight:CreateIngestion",
+      "quicksight:CancelIngestion"
+    ]
+
+    resources = ["*"]
+  }
+}
+
+resource "aws_iam_policy" "quicksight_author" {
+  name   = "alpha-quicksight-author-access"
+  policy = data.aws_iam_policy_document.quicksight_author.json
+}
diff --git a/terraform/aws/analytical-platform-development/tooling-iam/variables.tf b/terraform/aws/analytical-platform-development/tooling-iam/variables.tf
new file mode 100644
index 0000000000..3a33530903
--- /dev/null
+++ b/terraform/aws/analytical-platform-development/tooling-iam/variables.tf
@@ -0,0 +1,13 @@
+##################################################
+# General
+##################################################
+
+variable "account_ids" {
+  type        = map(string)
+  description = "Map of account names to account IDs"
+}
+
+variable "tags" {
+  type        = map(string)
+  description = "Map of tags to apply to resources"
+}