diff --git a/infra/deployments/forms/pipelines/apply-terraform.tf b/infra/deployments/forms/pipelines/apply-terraform.tf
index 234def6c9..8174a9702 100644
--- a/infra/deployments/forms/pipelines/apply-terraform.tf
+++ b/infra/deployments/forms/pipelines/apply-terraform.tf
@@ -103,6 +103,7 @@ resource "aws_codepipeline" "apply_terroform" {
         FullRepositoryId = "govuk-forms/forms-e2e-tests"
         BranchName       = "main"
         # TODO: we should version this repository appropriately, so we can pick specific versions
+        # https://trello.com/c/CboxmYA2/3452-version-forms-e2e-tests-so-we-can-pick-specific-versions
         DetectChanges        = false
         OutputArtifactFormat = "CODEBUILD_CLONE_REF"
       }
diff --git a/infra/deployments/forms/pipelines/deploy-forms-admin-container.tf b/infra/deployments/forms/pipelines/deploy-forms-admin-container.tf
index d993bdb8a..6d1f0d9aa 100644
--- a/infra/deployments/forms/pipelines/deploy-forms-admin-container.tf
+++ b/infra/deployments/forms/pipelines/deploy-forms-admin-container.tf
@@ -136,6 +136,7 @@ resource "aws_codepipeline" "deploy_admin_container" {
         FullRepositoryId = "govuk-forms/forms-e2e-tests"
         BranchName       = "main"
         # TODO: we should version this repository appropriately, so we can pick specific versions
+        # https://trello.com/c/CboxmYA2/3452-version-forms-e2e-tests-so-we-can-pick-specific-versions
         DetectChanges        = false
         OutputArtifactFormat = "CODEBUILD_CLONE_REF"
       }
diff --git a/infra/deployments/forms/pipelines/deploy-forms-product-page-container.tf b/infra/deployments/forms/pipelines/deploy-forms-product-page-container.tf
index 06b0f0e40..0296c2bc7 100644
--- a/infra/deployments/forms/pipelines/deploy-forms-product-page-container.tf
+++ b/infra/deployments/forms/pipelines/deploy-forms-product-page-container.tf
@@ -136,6 +136,7 @@ resource "aws_codepipeline" "deploy_product_pages_container" {
         FullRepositoryId = "govuk-forms/forms-e2e-tests"
         BranchName       = "main"
         # TODO: we should version this repository appropriately, so we can pick specific versions
+        # https://trello.com/c/CboxmYA2/3452-version-forms-e2e-tests-so-we-can-pick-specific-versions
         DetectChanges        = false
         OutputArtifactFormat = "CODEBUILD_CLONE_REF"
       }
diff --git a/infra/deployments/forms/pipelines/deploy-forms-runner-container.tf b/infra/deployments/forms/pipelines/deploy-forms-runner-container.tf
index 5afc6e1bf..1e1abf883 100644
--- a/infra/deployments/forms/pipelines/deploy-forms-runner-container.tf
+++ b/infra/deployments/forms/pipelines/deploy-forms-runner-container.tf
@@ -136,6 +136,7 @@ resource "aws_codepipeline" "deploy_runner_container" {
         FullRepositoryId = "govuk-forms/forms-e2e-tests"
         BranchName       = "main"
         # TODO: we should version this repository appropriately, so we can pick specific versions
+        # https://trello.com/c/CboxmYA2/3452-version-forms-e2e-tests-so-we-can-pick-specific-versions
         DetectChanges        = false
         OutputArtifactFormat = "CODEBUILD_CLONE_REF"
       }
diff --git a/infra/modules/deployer-access/manage-environment-policy.tf b/infra/modules/deployer-access/manage-environment-policy.tf
index 01aec448d..d0043fb32 100644
--- a/infra/modules/deployer-access/manage-environment-policy.tf
+++ b/infra/modules/deployer-access/manage-environment-policy.tf
@@ -26,6 +26,7 @@ data "aws_iam_policy_document" "acm_cert_with_dns_validation" {
     ]
     resources = [
       # TODO: Why does it need both regions?
+      # https://trello.com/c/enOX8GRF/3454-investigate-why-policy-document-acmcertwithdnsvalidation-needs-access-to-both-eu-west-2-and-us-east-1
       "arn:aws:acm:eu-west-2:${var.account_id}:certificate/*",
       "arn:aws:acm:us-east-1:${var.account_id}:certificate/*"
     ]
@@ -104,6 +105,7 @@ data "aws_iam_policy_document" "cloudfront" {
       "wafv2:*RegexPatternSet",
     ]
     # TODO: The scope of this should be cloudfront but for some reason it needs global
+    # https://trello.com/c/JCyMcRip/3455-investigate-why-managewafv2webacl-needs-global-scope-instead-of-just-cloudfront
     resources = [
       "arn:aws:wafv2:us-east-1:${var.account_id}:global/webacl/cloudfront_waf_${var.environment_name}/*",
       "arn:aws:wafv2:eu-west-2:${var.account_id}:regional/webacl/alb_${var.environment_name}/*",
diff --git a/infra/modules/deployer-access/policy.tf b/infra/modules/deployer-access/policy.tf
index a1b697fef..bd5abfd39 100644
--- a/infra/modules/deployer-access/policy.tf
+++ b/infra/modules/deployer-access/policy.tf
@@ -348,7 +348,7 @@ data "aws_iam_policy_document" "ses" {
       "sns:UntagResource",
     ]
     resources = [
-      "arn:aws:sns:eu-west-2:${var.account_id}:ses_bounces_and_complaints", # TODO: remove me once all envs use the new queues
+      "arn:aws:sns:eu-west-2:${var.account_id}:ses_bounces_and_complaints", # TODO: remove me once all envs use the new queues https://trello.com/c/BCDU9U7N/3456-remove-sesbouncesandcomplaints-sns-resource-if-all-environments-are-using-the-new-queues
       "arn:aws:sns:eu-west-2:${var.account_id}:auth0_ses_bounces_and_complaints",
       "arn:aws:sns:eu-west-2:${var.account_id}:submission_email_ses_bounces_and_complaints",
       "arn:aws:sns:eu-west-2:${var.account_id}:submission_email_ses_successful_deliveries",