diff --git a/.github/workflows/abbey-grant-kit-generate-policy-input.yaml b/.github/workflows/abbey-grant-kit-generate-policy-input.yaml
new file mode 100644
index 0000000..c72e4cf
--- /dev/null
+++ b/.github/workflows/abbey-grant-kit-generate-policy-input.yaml
@@ -0,0 +1,32 @@
+name: Abbey Grant Kit Generate Policy Input
+
+on:
+ pull_request:
+jobs:
+ output-plan:
+ runs-on: ubuntu-latest
+ env:
+ TF_VAR_abbey_token: ${{ secrets.ABBEY_TOKEN }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Setup Terraform
+ id: setup
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_wrapper: false
+
+ - name: Terraform Init
+ id: init
+ run: terraform init
+ env:
+ TF_HTTP_USERNAME: quickstart-basic
+ TF_HTTP_PASSWORD: ${{ secrets.ABBEY_TOKEN }}
+
+ - name: Terraform Plan
+ id: plan
+ run: terraform plan -no-color -input=false -out=tfplan
+ env:
+ TF_HTTP_USERNAME: quickstart-basic
+ TF_HTTP_PASSWORD: ${{ secrets.ABBEY_TOKEN }}
diff --git a/.github/workflows/abbey-grant-kit-materialize.yaml b/.github/workflows/abbey-grant-kit-materialize.yaml
new file mode 100644
index 0000000..3716803
--- /dev/null
+++ b/.github/workflows/abbey-grant-kit-materialize.yaml
@@ -0,0 +1,35 @@
+name: Abbey Grant Kit Materialize
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ materialize:
+ runs-on: ubuntu-latest
+ env:
+ TF_VAR_abbey_token: ${{ secrets.ABBEY_TOKEN }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_wrapper: false
+
+ - name: Terraform Init
+ id: init
+ run: terraform init
+ env:
+ TF_HTTP_USERNAME: quickstart-basic
+ TF_HTTP_PASSWORD: ${{ secrets.ABBEY_TOKEN }}
+
+ - name: Terraform Apply
+ if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+ run: terraform apply -auto-approve -input=false
+ env:
+ TF_HTTP_USERNAME: quickstart-basic
+ TF_HTTP_PASSWORD: ${{ secrets.ABBEY_TOKEN }}
+ TF_VAR_abbey_token: ${{ secrets.ABBEY_TOKEN }}
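Review bot: The `output-plan` job declares no `permissions:` block, so its GITHUB_TOKEN gets the repository's default scope even though the job only needs to read the checkout; add `permissions:` / `  contents: read` at the workflow top level. Both actions are referenced by mutable tag (`actions/checkout@v3`, `hashicorp/setup-terraform@v2`) rather than a commit SHA, which is the usual hardening for a job that holds `ABBEY_TOKEN` in its environment. On `pull_request`, GitHub withholds repository secrets from pull requests opened from forks, so `terraform init` will fail there with an empty `TF_HTTP_PASSWORD` — that is the safe outcome, so do not switch the trigger to `pull_request_target` to make fork PRs pass. The job is named `output-plan` and writes `-out=tfplan`, but nothing in the hunk uploads or reads that file, so it is discarded at job end; if it is meant to be published later, note that plan files can contain sensitive variable values in the clear.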
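Review bot: `terraform apply -auto-approve` runs on every push to `main` holding `ABBEY_TOKEN`, yet the `materialize` job declares no `permissions:` block and no `concurrency` group, so the GITHUB_TOKEN carries the repo's default scope and two quick pushes race on the same state (the lock endpoints in main.tf's `backend "http"` should make the loser fail rather than corrupt, but it still fails); add `permissions:` / `  contents: read` and `concurrency: abbey-materialize` at the top level. The `if: github.ref == 'refs/heads/main' && github.event_name == 'push'` guard on the apply step repeats what `on.push.branches` already enforces and can go unless more triggers are planned, and `TF_VAR_abbey_token` is set both on the job `env` and again on the apply step. Actions are pinned by mutable tag (`actions/checkout@v3`, `hashicorp/setup-terraform@v2`) rather than commit SHA. Since merging to `main` is the only gate in front of apply, branch protection with required review on `main` is what actually controls who can change the grant kit — that is not visible in this diff and is worth confirming.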
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f5311ae
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,40 @@
+# Created by https://www.toptal.com/developers/gitignore/api/terraform
+# Edit at https://www.toptal.com/developers/gitignore?templates=terraform
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# End of https://www.toptal.com/developers/gitignore/api/terraform
\ No newline at end of file
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
new file mode 100644
index 0000000..b70fbb1
--- /dev/null
+++ b/.terraform.lock.hcl
@@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/abbeylabs/abbey" { + version = "0.2.6" + constraints = "0.2.6" + hashes = [ + "h1:fSkLgUxZWUrXvBzaIO05/GOESP3zJ1Lfwo82MCkPbT8=", + "zh:03b2fa0a2365c2ab8605896d8d003e9367106bef5a1c11d7945ad8c7feb57856", + "zh:144309d65742aa428a02c6cf6a5ce45549bd846d04482753ccf10a8accec4732", + "zh:33ef99ec8c2921896e500aa2c8774adc830bd576c2c4531a7d60894449b9273d", + "zh:369d30425ef003e685a210faafc8692d3ecf9766b6f4228436aba204ccee2793", + "zh:41c68252104603490ab2bdc9cb0e5a8cace238aa6045213b58dbb7f21c7f2ac9", + "zh:49fd84c6299ad2b726f9b75aa67db2a1e1d8c90ff130fff730ae670f89a7b418", + "zh:6565f3fa67b22a8b968f046521ba6cc903c93a5ee3cb21524f41c586b6e1710d", + "zh:749a1f67e2401c0848052be4d2640eac5c436d92140414698c56bf12cd7b707e", + "zh:7812fd8aeb3fc83c1fb70af099ef2b6ebfd57411b37d6671859a021cbf351de9", + "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", + "zh:8ce4ce659bd39a667ee3fdc2dc8f51043be739081e9313ad6e6d36896b02b212", + "zh:a0a01094fe7f3d00a7807b0a6a024eed01f551616a37be6e0d16fb3b41ef30af", + "zh:a3e3d500f2c9d4944b9efa159d22cd66ddd9f2dfea4b7cbabc0e0d34b9c7b021", + "zh:aaf9adb152e7214cb79af46005a0948e9e375be856c43ca150602c0d4b9e6ee1", + "zh:b5856a283eaaf05cba730443471cd434460e294c2585a5f839cbf291153f856e", + ] +} diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..917d708 --- /dev/null +++ b/LICENSE 
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Abbey Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..89fd7be
--- /dev/null
+++ b/README.md
@@ -0,0 +1,13 @@
+# Abbey Starter Kit Quickstart Example
+
+This Quickstart is an example for how to use Abbey Labs and set up a Grant Kit. By the end, you’ll be able to configure a Workflow for users to request and approve access to the [Abbey Demo Site](https://app.abbey.io/demo).
+
+## Usage
+
+Visit this [Starter Kit's docs](https://docs.abbey.io/getting-started/quickstart) for a short usage walkthrough.
+
+## :books: Learn More
+
+To learn more about Grant Kits and Grant Workflows, visit the following resources:
+
+- [Abbey Labs Documentation](https://docs.abbey.io) - learn about automating access management with Abbey Labs.
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..083ade4
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,54 @@
+terraform {
+ backend "http" {
+ address = "https://api.abbey.io/terraform-http-backend"
+ lock_address = "https://api.abbey.io/terraform-http-backend/lock"
+ unlock_address = "https://api.abbey.io/terraform-http-backend/unlock"
+ lock_method = "POST"
+ unlock_method = "POST"
+ }
+
+ required_providers {
+ abbey = {
+ source = "abbeylabs/abbey"
+ version = "0.2.6"
+ }
+ }
+}
+
+provider "abbey" {
+ # Configuration options
+ bearer_auth = var.abbey_token
+}
+
+resource "abbey_grant_kit" "abbey_demo_site" {
+ name = "Abbey_Demo_Site"
+ description = <<-EOT
+ Grants access to Abbey's Demo Page.
+ EOT
+
+ workflow = {
+ steps = [
+ {
+ reviewers = {
+ one_of = ["replace-me@example.com"] # CHANGEME
+ }
+ }
+ ]
+ }
+
+ policies = [
+ { bundle = "github://replace-me-with-organization/replace-me-with-repo/policies" } # CHANGEME
+ ]
+
+ output = {
+ # Replace with your own path pointing to where you want your access changes to manifest.
+ # Path is an RFC 3986 URI, such as `github://{organization}/{repo}/path/to/file.tf`.
+ location = "github://replace-me-with-organization/replace-me-with-repo/access.tf" # CHANGEME
+ append = <<-EOT
+ resource "abbey_demo" "grant_read_write_access" {
+ permission = "read_write"
+ email = "{{ .data.system.abbey.identities.abbey.email }}"
+ }
+ EOT
+ }
+}
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/policies/common/.manifest b/policies/common/.manifest
new file mode 100644
index 0000000..fcacae3
--- /dev/null
+++ b/policies/common/.manifest
@@ -0,0 +1 @@
+{"roots": ["common"]}
diff --git a/policies/common/common.rego b/policies/common/common.rego
new file mode 100644
index 0000000..578e1b3
--- /dev/null
+++ b/policies/common/common.rego
@@ -0,0 +1,8 @@
+package common
+
+import data.abbey.functions
+
+allow[msg] {
+ functions.expire_after("0m")
+ msg := "granting access for 0 minutes"
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..f9e2365
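Review bot: The `backend "http"` block inside `terraform {}` carries no credentials and silently depends on `TF_HTTP_USERNAME`/`TF_HTTP_PASSWORD` being set by the workflows, and a reader who "fixes" that by adding `username`/`password` attributes here would commit the token in plaintext, because backend blocks cannot reference variables; add above `address`: `# Credentials come from TF_HTTP_USERNAME / TF_HTTP_PASSWORD in CI — never add username/password here: backend blocks cannot read variables, so the values would be committed.` The `one_of` reviewer list means any single listed address can approve on its own, which is worth stating next to the `# CHANGEME` so the placeholder is replaced with the intended approver set rather than just a valid email. The `append` heredoc drops `{{ .data.system.abbey.identities.abbey.email }}` straight into an HCL string literal in the generated `access.tf`; whether Abbey escapes `"` or `${` in that value is not visible here and should be confirmed before the generated file is trusted.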
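Review bot: The `allow[msg]` rule has no condition on the request or requester — its only body line besides the message is `functions.expire_after("0m")` — so it matches every request, and what a 0-minute expiry means (grant revoked immediately, or treated as no expiry) depends on `data.abbey.functions`, which is not in this diff. Document that at the rule so the placeholder is not promoted as-is: `# Quickstart placeholder: allows every request with no requester/target checks.` and `# expire_after("0m") — confirm whether 0m means immediate expiry or no expiry before reusing this policy.` The rule uses the pre-v1 partial-set form (`allow[msg] { ... }` without `contains`/`if`), which, if Abbey's evaluator ever moves to OPA 1.0's default Rego v1 syntax, would stop parsing; fine while the evaluator is pinned, but worth a note.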
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,5 @@
+variable "abbey_token" {
+ type = string
+ sensitive = true
+ description = "Abbey API Token"
+}