diff --git a/sensor_config.tf b/sensor_config.tf
index 7380f92..2653c23 100644
--- a/sensor_config.tf
+++ b/sensor_config.tf
@@ -1,5 +1,5 @@
 module "sensor_config" {
-  source = "github.com/corelight/terraform-config-sensor?ref=v1.0.0"
+  source = "github.com/corelight/terraform-config-sensor?ref=28.4.0-1"
 
   fleet_community_string                       = var.community_string
   fleet_token                                  = var.fleet_token
@@ -15,6 +15,8 @@ module "sensor_config" {
   sensor_health_check_http_port                = local.monitoring_health_check_port
   subnetwork_monitoring_gateway                = cidrhost(data.azurerm_subnet.mon_subnet.address_prefixes[0], 1)
   subnetwork_monitoring_cidr                   = data.azurerm_subnet.mon_subnet.address_prefix
+  fedramp_mode_enabled                         = var.fedramp_mode_enabled
+  prometheus_enabled                           = var.prometheus_enabled
   gzip_config                                  = true
   base64_encode_config                         = true
 }
diff --git a/variables.tf b/variables.tf
index 07d8aef..4d7a887 100644
--- a/variables.tf
+++ b/variables.tf
@@ -66,7 +66,7 @@ variable "fleet_server_sslname" {
 variable "sensor_admin_username" {
   description = "The name of the admin user on the corelight sensor VM in the VMSS"
   type        = string
-  default     = "ubuntu"
+  default     = "corelight"
 }
 
 variable "nat_gateway_ip_name" {
@@ -182,3 +182,15 @@ variable "fleet_no_proxy" {
   default     = ""
   description = "(optional) hosts or domains to bypass the proxy for fleet traffic"
 }
+
+variable "prometheus_enabled" {
+  type        = bool
+  default     = false
+  description = "(optional) enable Prometheus metrics"
+}
+
+variable "fedramp_mode_enabled" {
+  type        = bool
+  default     = false
+  description = "(optional) enable Fedramp mode"
+}
\ No newline at end of file