diff --git a/manifests/modules/networking/vpc-lattice/.workshop/terraform/main.tf b/manifests/modules/networking/vpc-lattice/.workshop/terraform/main.tf
index 9916218a9..f1b61120d 100644
--- a/manifests/modules/networking/vpc-lattice/.workshop/terraform/main.tf
+++ b/manifests/modules/networking/vpc-lattice/.workshop/terraform/main.tf
@@ -68,6 +68,8 @@ data "aws_vpc" "this" {
 }
 
 resource "kubernetes_manifest" "ui_nlb" {
+  depends_on = [module.eks_blueprints_addons]
+
   manifest = {
     "apiVersion" = "v1"
     "kind"       = "Service"
@@ -75,7 +77,7 @@ resource "kubernetes_manifest" "ui_nlb" {
       "name"      = "ui-nlb"
       "namespace" = "ui"
       "annotations" = {
-        "service.beta.kubernetes.io/aws-load-balancer-type"            = "external "
+        "service.beta.kubernetes.io/aws-load-balancer-type"            = "external"
         "service.beta.kubernetes.io/aws-load-balancer-scheme"          = "internet-facing"
         "service.beta.kubernetes.io/aws-load-balancer-nlb-target-type" = "instance"
       }
diff --git a/manifests/modules/security/eks-pod-identity/.workshop/terraform/main.tf b/manifests/modules/security/eks-pod-identity/.workshop/terraform/main.tf
index b4aa0fb64..231a4cdd2 100644
--- a/manifests/modules/security/eks-pod-identity/.workshop/terraform/main.tf
+++ b/manifests/modules/security/eks-pod-identity/.workshop/terraform/main.tf
@@ -26,6 +26,8 @@ resource "time_sleep" "wait" {
 }
 
 resource "kubernetes_manifest" "ui_nlb" {
+  depends_on = [module.eks_blueprints_addons]
+
   manifest = {
     "apiVersion" = "v1"
     "kind"       = "Service"
@@ -33,7 +35,7 @@ resource "kubernetes_manifest" "ui_nlb" {
       "name"      = "ui-nlb"
       "namespace" = "ui"
       "annotations" = {
-        "service.beta.kubernetes.io/aws-load-balancer-type"            = "external "
+        "service.beta.kubernetes.io/aws-load-balancer-type"            = "external"
         "service.beta.kubernetes.io/aws-load-balancer-scheme"          = "internet-facing"
         "service.beta.kubernetes.io/aws-load-balancer-nlb-target-type" = "instance"
       }
diff --git a/manifests/modules/security/irsa/.workshop/terraform/main.tf b/manifests/modules/security/irsa/.workshop/terraform/main.tf
index 5f974b101..bb66bb704 100644
--- a/manifests/modules/security/irsa/.workshop/terraform/main.tf
+++ b/manifests/modules/security/irsa/.workshop/terraform/main.tf
@@ -26,6 +26,8 @@ resource "time_sleep" "wait" {
 }
 
 resource "kubernetes_manifest" "ui_nlb" {
+  depends_on = [module.eks_blueprints_addons]
+
   manifest = {
     "apiVersion" = "v1"
     "kind"       = "Service"
@@ -33,7 +35,7 @@ resource "kubernetes_manifest" "ui_nlb" {
       "name"      = "ui-nlb"
       "namespace" = "ui"
       "annotations" = {
-        "service.beta.kubernetes.io/aws-load-balancer-type"            = "external "
+        "service.beta.kubernetes.io/aws-load-balancer-type"            = "external"
         "service.beta.kubernetes.io/aws-load-balancer-scheme"          = "internet-facing"
         "service.beta.kubernetes.io/aws-load-balancer-nlb-target-type" = "instance"
       }
diff --git a/website/docs/security/amazon-eks-pod-identity/verifying-dynamo.md b/website/docs/security/amazon-eks-pod-identity/verifying-dynamo.md
index 39a0f7add..cd0ad0be8 100644
--- a/website/docs/security/amazon-eks-pod-identity/verifying-dynamo.md
+++ b/website/docs/security/amazon-eks-pod-identity/verifying-dynamo.md
@@ -6,8 +6,9 @@ sidebar_position: 35
 Now, with the `carts` Service Account associated with the authorized IAM role, the `carts` Pod has permission to access the DynamoDB table. Access the web store again and navigate to the shopping cart.
 
 ```bash
-$ kubectl -n ui get service ui-nlb -o jsonpath='{.status.loadBalancer.ingress[*].hostname}{"\n"}'
-k8s-ui-uinlb-647e781087-6717c5049aa96bd9.elb.us-west-2.amazonaws.com
+$ LB_HOSTNAME=$(kubectl -n ui get service ui-nlb -o jsonpath='{.status.loadBalancer.ingress[*].hostname}{"\n"}')
+$ echo "http://$LB_HOSTNAME"
+http://k8s-ui-uinlb-647e781087-6717c5049aa96bd9.elb.us-west-2.amazonaws.com
 ```
 
 The `carts` Pod is able to reach the DynamoDB service and the shopping cart is now accessible!
diff --git a/website/docs/security/iam-roles-for-service-accounts/verifying-dynamo.md b/website/docs/security/iam-roles-for-service-accounts/verifying-dynamo.md
index bf13fae3d..fbcf5dd21 100644
--- a/website/docs/security/iam-roles-for-service-accounts/verifying-dynamo.md
+++ b/website/docs/security/iam-roles-for-service-accounts/verifying-dynamo.md
@@ -6,8 +6,9 @@ sidebar_position: 25
 Now, with the `carts` Service Account annotated with the authorized IAM role, the `carts` Pod has permission to access the DynamoDB table. Access the web store again and navigate to the shopping cart.
 
 ```bash
-$ kubectl get service -n ui ui-nlb -o jsonpath="{.status.loadBalancer.ingress[*].hostname}"
-k8s-ui-uinlb-647e781087-6717c5049aa96bd9.elb.us-west-2.amazonaws.com
+$ LB_HOSTNAME=$(kubectl -n ui get service ui-nlb -o jsonpath='{.status.loadBalancer.ingress[*].hostname}{"\n"}')
+$ echo "http://$LB_HOSTNAME"
+http://k8s-ui-uinlb-647e781087-6717c5049aa96bd9.elb.us-west-2.amazonaws.com
 ```
 
 The `carts` Pod is able to reach the DynamoDB service and the shopping cart is now accessible!