diff --git a/main.tf b/main.tf
index 78ee16a..2aade38 100644
--- a/main.tf
+++ b/main.tf
@@ -308,7 +308,6 @@ resource "aws_eks_addon" "kubecost" {
   cluster_name                = var.eks_cluster_name
   addon_name                  = "kubecost_kubecost"
   addon_version               = data.aws_eks_addon_version.kubecost.version
-  resolve_conflicts_on_create = "OVERWRITE"
   service_account_role_arn    = var.worker_iam_role_arn
   preserve                    = true
 
@@ -423,6 +422,7 @@ resource "helm_release" "metrics-server-vpa" {
 
 #defectdojo
 resource "kubernetes_namespace" "defectdojo" {
+  count      = var.defectdojo_enabled ? 1 : 0
   metadata {
     name = "defectdojo"
   }
diff --git a/modules/aws_node_termination_handler/aws_nth.yaml b/modules/aws_node_termination_handler/aws_nth.yaml
index d02f5d6..8dd2dd7 100644
--- a/modules/aws_node_termination_handler/aws_nth.yaml
+++ b/modules/aws_node_termination_handler/aws_nth.yaml
@@ -4,16 +4,6 @@ enablePrometheusServer: ${enable_service_monitor}
 podAnnotations:
   co.elastic.logs/enabled: "true"
 
-affinity:
-  nodeAffinity:
-    requiredDuringSchedulingIgnoredDuringExecution:
-      nodeSelectorTerms:
-      - matchExpressions:
-        - key: "Addons-Services"
-          operator: In
-          values:
-          - "true"
-
 resources:
   limits:
     cpu: 50m
diff --git a/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf b/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf
index fa2929b..0b04910 100644
--- a/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf
+++ b/modules/kubernetes-addons/aws-ebs-csi-driver/main.tf
@@ -18,7 +18,6 @@ resource "aws_eks_addon" "aws_ebs_csi_driver" {
   cluster_name                = var.addon_context.eks_cluster_id
   addon_name                  = local.name
   addon_version               = try(var.addon_config.addon_version, data.aws_eks_addon_version.this.version)
-  resolve_conflicts_on_create = "OVERWRITE"
   service_account_role_arn    = local.create_irsa ? module.irsa_addon[0].irsa_iam_role_arn : try(var.addon_config.service_account_role_arn, null)
   preserve                    = try(var.addon_config.preserve, true)
 
diff --git a/modules/kubernetes-addons/aws-vpc-cni/main.tf b/modules/kubernetes-addons/aws-vpc-cni/main.tf
index abbbe44..6ac5e0c 100644
--- a/modules/kubernetes-addons/aws-vpc-cni/main.tf
+++ b/modules/kubernetes-addons/aws-vpc-cni/main.tf
@@ -15,7 +15,6 @@ resource "aws_eks_addon" "vpc_cni" {
   cluster_name                = var.addon_context.eks_cluster_id
   addon_name                  = local.name
   addon_version               = try(var.addon_config.addon_version, data.aws_eks_addon_version.this.version)
-  resolve_conflicts_on_create = "OVERWRITE"
   service_account_role_arn    = local.create_irsa ? module.irsa_addon[0].irsa_iam_role_arn : try(var.addon_config.service_account_role_arn, null)
   preserve                    = try(var.addon_config.preserve, true)