diff --git a/terraform/environments/oasys-national-reporting/locals_ec2_autoscaling_groups.tf b/terraform/environments/oasys-national-reporting/locals_ec2_autoscaling_groups.tf
index facbb2843c4..a4ef7162bd4 100644
--- a/terraform/environments/oasys-national-reporting/locals_ec2_autoscaling_groups.tf
+++ b/terraform/environments/oasys-national-reporting/locals_ec2_autoscaling_groups.tf
@@ -40,5 +40,18 @@ locals {
         scale_down = { recurrence = "0 19 * * Mon-Fri", desired_capacity = 0 }
       }
     })
+
+    jumpserver = merge(local.ec2_instances.jumpserver, {
+      autoscaling_group = {
+        desired_capacity    = 1
+        max_size            = 1
+        force_delete        = true
+        vpc_zone_identifier = module.environment.subnets["private"].ids
+      }
+      autoscaling_schedules = {
+        scale_up   = { recurrence = "0 7 * * Mon-Fri" }
+        scale_down = { recurrence = "0 19 * * Mon-Fri", desired_capacity = 0 }
+      }
+    })
   }
 }
diff --git a/terraform/environments/oasys-national-reporting/locals_test.tf b/terraform/environments/oasys-national-reporting/locals_test.tf
index 22d3583217c..b77235cc897 100644
--- a/terraform/environments/oasys-national-reporting/locals_test.tf
+++ b/terraform/environments/oasys-national-reporting/locals_test.tf
@@ -133,10 +133,10 @@ locals {
           instance_profile_policies = concat(local.ec2_autoscaling_groups.bods.config.instance_profile_policies, [
             "Ec2SecretPolicy",
           ])
-          # user_data_raw = base64encode(templatefile(
-          #   "./templates/user-data-onr-bods-pwsh.yaml.tftpl", {
-          #   branch = "TM/TM-620/test-pagefile-change"
-          # }))
+          user_data_raw = base64encode(templatefile(
+            "./templates/user-data-onr-bods-pwsh.yaml.tftpl", {
+              branch = "TM/TM-659/make-user-data-scripts-idempotent"
+          }))
         })
         instance = merge(local.ec2_autoscaling_groups.bods.instance, {
           instance_type = "m4.xlarge"
@@ -147,6 +147,31 @@ locals {
         })
         cloudwatch_metric_alarms = null
       })
+
+      # TODO: this is just for testing, remove when not needed
+      t2-client-asg = merge(local.ec2_instances.jumpserver, {
+        autoscaling_group = merge(local.ec2_autoscaling_groups.jumpserver.autoscaling_group, {
+          desired_capacity = 0
+        })
+        config = merge(local.ec2_instances.jumpserver.config, {
+          instance_profile_policies = concat(local.ec2_instances.jumpserver.config.instance_profile_policies, [
+            "Ec2SecretPolicy",
+          ])
+          user_data_raw = base64encode(templatefile(
+            "../../modules/baseline_presets/ec2-user-data/user-data-pwsh.yaml.tftpl", {
+              branch = "TM/TM-659/make-user-data-scripts-idempotent"
+          }))
+        })
+        instance = merge(local.ec2_instances.jumpserver.instance, {
+          instance_type = "m4.large"
+        })
+        tags = merge(local.ec2_instances.jumpserver.tags, {
+          oasys-national-reporting-environment = "t2"
+          domain-name                          = "azure.noms.root"
+          server-type                          = "NartClient"
+        })
+        cloudwatch_metric_alarms = null
+      })
     }
 
     ec2_instances = {
diff --git a/terraform/environments/oasys-national-reporting/main.tf b/terraform/environments/oasys-national-reporting/main.tf
index a23f7e6d41b..2b34d448738 100644
--- a/terraform/environments/oasys-national-reporting/main.tf
+++ b/terraform/environments/oasys-national-reporting/main.tf
@@ -177,6 +177,11 @@ module "baseline" {
     lookup(local.baseline_environment_specific, "s3_buckets", {}),
   )
 
+  schedule_alarms_lambda = merge(
+    lookup(local.baseline_all_environments, "schedule_alarms_lambda", {}),
+    lookup(local.baseline_environment_specific, "schedule_alarms_lambda", {}),
+  )
+
   secretsmanager_secrets = merge(
     module.baseline_presets.secretsmanager_secrets,
     lookup(local.baseline_all_environments, "secretsmanager_secrets", {}),
diff --git a/terraform/environments/oasys-national-reporting/templates/user-data-onr-bods-pwsh.yaml.tftpl b/terraform/environments/oasys-national-reporting/templates/user-data-onr-bods-pwsh.yaml.tftpl
index 9329a892d73..34fbda7e3a2 100644
--- a/terraform/environments/oasys-national-reporting/templates/user-data-onr-bods-pwsh.yaml.tftpl
+++ b/terraform/environments/oasys-national-reporting/templates/user-data-onr-bods-pwsh.yaml.tftpl
@@ -134,4 +134,4 @@ tasks:
           [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 # since powershell 4 uses Tls1 as default
           Invoke-WebRequest "https://raw.githubusercontent.com/ministryofjustice/modernisation-platform-configuration-management/$${GitBranch}/powershell/Scripts/Run-GitScript.ps1" -OutFile "Run-GitScript.ps1"
           . ./Run-GitScript.ps1 $Script -GitBranch $GitBranch
-          Exit $LASTEXITCODE
+          Exit $LASTEXITCODE
\ No newline at end of file