diff --git a/salt/allowed_states.map.jinja b/salt/allowed_states.map.jinja
index 3c4de2229..0175953b0 100644
--- a/salt/allowed_states.map.jinja
+++ b/salt/allowed_states.map.jinja
@@ -35,6 +35,7 @@
 'influxdb',
 'grafana',
 'soc',
+ 'kratos',
 'firewall',
 'idstools',
 'suricata.manager',
@@ -100,6 +101,7 @@
 'manager',
 'nginx',
 'soc',
+ 'kratos',
 'firewall',
 'idstools',
 'suricata.manager',
@@ -123,6 +125,7 @@
 'influxdb',
 'grafana',
 'soc',
+ 'kratos',
 'firewall',
 'idstools',
 'suricata.manager',
@@ -142,6 +145,7 @@
 'influxdb',
 'grafana',
 'soc',
+ 'kratos',
 'firewall',
 'manager',
 'idstools',
@@ -172,6 +176,7 @@
 'influxdb',
 'grafana',
 'soc',
+ 'kratos',
 'firewall',
 'idstools',
 'suricata.manager',
diff --git a/salt/soc/files/kratos/kratos.yaml b/salt/kratos/files/kratos.yaml
similarity index 100%
rename from salt/soc/files/kratos/kratos.yaml
rename to salt/kratos/files/kratos.yaml
diff --git a/salt/soc/files/kratos/schema.json b/salt/kratos/files/schema.json
similarity index 100%
rename from salt/soc/files/kratos/schema.json
rename to salt/kratos/files/schema.json
diff --git a/salt/kratos/init.sls b/salt/kratos/init.sls
new file mode 100644
index 000000000..664408f15
--- /dev/null
+++ b/salt/kratos/init.sls
@@ -0,0 +1,84 @@
+{% from 'allowed_states.map.jinja' import allowed_states %}
+{% if sls in allowed_states %}
+
+{% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %}
+{% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
+{% set MANAGER = salt['grains.get']('master') %}
+
+# Add Kratos Group
+kratosgroup:
+ group.present:
+ - name: kratos
+ - gid: 928
+
+# Add Kratos user
+kratos:
+ user.present:
+ - uid: 928
+ - gid: 928
+ - home: /opt/so/conf/kratos
+
+kratosdir:
+ file.directory:
+ - name: /opt/so/conf/kratos/db
+ - user: 928
+ - group: 928
+ - makedirs: True
+
+kratoslogdir:
+ file.directory:
+ - name: /opt/so/log/kratos
+ - user: 928
+ - group: 928
+ - makedirs: True
+
+kratossync:
+ file.recurse:
+ - name: /opt/so/conf/kratos
+ - source: salt://kratos/files
+ - user: 928
+ - group: 928
+ - file_mode: 600
+ - template: jinja
+
+kratos_schema:
+ file.exists:
+ - name: /opt/so/conf/kratos/schema.json
+
+kratos_yaml:
+ file.exists:
+ - name: /opt/so/conf/kratos/kratos.yaml
+
+so-kratos:
+ docker_container.running:
+ - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-kratos:{{ VERSION }}
+ - hostname: kratos
+ - name: so-kratos
+ - binds:
+ - /opt/so/conf/kratos/schema.json:/kratos-conf/schema.json:ro
+ - /opt/so/conf/kratos/kratos.yaml:/kratos-conf/kratos.yaml:ro
+ - /opt/so/log/kratos/:/kratos-log:rw
+ - /opt/so/conf/kratos/db:/kratos-data:rw
+ - port_bindings:
+ - 0.0.0.0:4433:4433
+ - 0.0.0.0:4434:4434
+ - watch:
+ - file: /opt/so/conf/kratos
+ - require:
+ - file: kratos_schema
+ - file: kratos_yaml
+ - file: kratoslogdir
+ - file: kratosdir
+
+append_so-kratos_so-status.conf:
+ file.append:
+ - name: /opt/so/conf/so-status/so-status.conf
+ - text: so-kratos
+
+{% else %}
+
+{{sls}}_state_not_allowed:
+ test.fail_without_changes:
+ - name: {{sls}}_state_not_allowed
+
+{% endif %}
diff --git a/salt/manager/init.sls b/salt/manager/init.sls
index 860836762..50c204630 100644
--- a/salt/manager/init.sls
+++ b/salt/manager/init.sls
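Review bot: The `so-kratos` container publishes `0.0.0.0:4434:4434` alongside `0.0.0.0:4433:4433`; 4434 is Kratos's default admin API port, and binding it on every interface means its reachability is decided entirely by the separate `firewall` state, which this SLS neither requires nor is ordered after. Unless another host must reach the admin API, bind it to loopback (`- 127.0.0.1:4434:4434`), or add a comment above `port_bindings` recording why the wide binding is required and that `firewall` is expected to restrict it. Separately, `kratosdir` creates `/opt/so/conf/kratos/db` (mounted read-write as `/kratos-data`, presumably the identity database location — confirm against kratos.yaml) with no `mode`, so it takes the default directory mode, while the config files synced by `kratossync` get `file_mode: 600`; adding `- mode: 700` to `kratosdir` makes the data directory as tight as the config.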
@@ -24,7 +24,7 @@ include:
 - elasticsearch.auth
 - kibana.secrets
 - salt.minion
- - soc
+ - kratos
 socore_own_saltstack:
 file.directory:
diff --git a/salt/soc/init.sls b/salt/soc/init.sls
index 9751a601a..856f929bd 100644
--- a/salt/soc/init.sls
+++ b/salt/soc/init.sls
@@ -132,76 +132,6 @@ append_so-soc_so-status.conf:
 - name: /opt/so/conf/so-status/so-status.conf
 - text: so-soc
-# Add Kratos Group
-kratosgroup:
- group.present:
- - name: kratos
- - gid: 928
-
-# Add Kratos user
-kratos:
- user.present:
- - uid: 928
- - gid: 928
- - home: /opt/so/conf/kratos
-
-kratosdir:
- file.directory:
- - name: /opt/so/conf/kratos/db
- - user: 928
- - group: 928
- - makedirs: True
-
-kratoslogdir:
- file.directory:
- - name: /opt/so/log/kratos
- - user: 928
- - group: 928
- - makedirs: True
-
-kratossync:
- file.recurse:
- - name: /opt/so/conf/kratos
- - source: salt://soc/files/kratos
- - user: 928
- - group: 928
- - file_mode: 600
- - template: jinja
-
-kratos_schema:
- file.exists:
- - name: /opt/so/conf/kratos/schema.json
-
-kratos_yaml:
- file.exists:
- - name: /opt/so/conf/kratos/kratos.yaml
-
-so-kratos:
- docker_container.running:
- - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-kratos:{{ VERSION }}
- - hostname: kratos
- - name: so-kratos
- - binds:
- - /opt/so/conf/kratos/schema.json:/kratos-conf/schema.json:ro
- - /opt/so/conf/kratos/kratos.yaml:/kratos-conf/kratos.yaml:ro
- - /opt/so/log/kratos/:/kratos-log:rw
- - /opt/so/conf/kratos/db:/kratos-data:rw
- - port_bindings:
- - 0.0.0.0:4433:4433
- - 0.0.0.0:4434:4434
- - watch:
- - file: /opt/so/conf/kratos
- - require:
- - file: kratos_schema
- - file: kratos_yaml
- - file: kratoslogdir
- - file: kratosdir
-
-append_so-kratos_so-status.conf:
- file.append:
- - name: /opt/so/conf/so-status/so-status.conf
- - text: so-kratos
-
 {% else %}
 {{sls}}_state_not_allowed:
diff --git a/salt/top.sls b/salt/top.sls
index e2c980e1d..84374316f 100644
--- a/salt/top.sls
+++ b/salt/top.sls
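Review bot: Including `kratos` from `manager` makes the whole manager state fail on any minion whose role does not list `kratos` in `allowed_states`, because `salt/kratos/init.sls` then renders `kratos_state_not_allowed` as a `test.fail_without_changes`; the allowed_states hunks add `kratos` to five lists, so it is worth confirming those are exactly the roles that apply `manager`. Replacing `- soc` with `- kratos` also means `soc` is no longer ordered by the manager state but only by its position in `top.sls`, which looks intended since the Kratos states are the part `soc` previously carried, but a comment such as `# kratos is the identity backend soc relies on; soc itself is applied from top.sls` would keep the next reader from re-adding the include. The `include` block begins before this hunk.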
@@ -99,6 +99,7 @@ base:
 - influxdb
 - grafana
 - soc
+ - kratos
 - firewall
 - idstools
 - suricata.manager
@@ -167,6 +168,7 @@ base:
 - influxdb
 - grafana
 - soc
+ - kratos
 - firewall
 - manager
 - idstools
@@ -233,6 +235,7 @@ base:
 - influxdb
 - grafana
 - soc
+ - kratos
 - firewall
 - idstools
 - suricata.manager
@@ -333,6 +336,7 @@ base:
 - influxdb
 - grafana
 - soc
+ - kratos
 - firewall
 - manager
 - idstools
@@ -453,6 +457,7 @@ base:
 - manager
 - nginx
 - soc
+ - kratos
 - firewall
 - idstools
 - suricata.manager
diff --git a/setup/so-setup b/setup/so-setup
index 144e08578..1893d252b 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -762,15 +762,12 @@ echo "1" > /root/accept_changes
 salt-call state.apply -l info registry >> $setup_log 2>&1
 docker_seed_registry # ~ 60% when finished
- set_progress_str 59 "$(print_salt_state_apply 'elasticsearch.auth')"
- salt-call state.apply -l info elasticsearch.auth >> $setup_log 2>&1
+ set_progress_str 60 "$(print_salt_state_apply 'manager')"
+ salt-call state.apply -l info manager >> $setup_log 2>&1
 echo "Executing so-elastic-auth..." >> $setup_log 2>&1
 ELASTIC_AUTH_SKIP_HIGHSTATE=true bash /opt/so/saltstack/default/salt/common/tools/sbin/so-elastic-auth true >> $setup_log 2>&1
 echo "Finished so-elastic-auth..." >> $setup_log 2>&1
-
- set_progress_str 60 "$(print_salt_state_apply 'manager')"
- salt-call state.apply -l info manager >> $setup_log 2>&1
 fi
 set_progress_str 61 "$(print_salt_state_apply 'firewall')"
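Review bot: The explicit `elasticsearch.auth` apply is dropped on the assumption that `state.apply manager` now covers it, which holds only because `salt/manager/init.sls` includes `elasticsearch.auth` in this same commit, and `so-elastic-auth` runs immediately after and depends on that state; record the coupling in the script, e.g. `# 'manager' includes elasticsearch.auth (and now kratos); so-elastic-auth below relies on it having been applied`, so a later edit to the include list does not silently break setup. The new `salt-call state.apply -l info manager` line, like the one it replaces, has no visible check of its exit status (whether `set -e` is in effect is outside the hunk), so a failed `kratos` or `elasticsearch.auth` state would only surface when `so-elastic-auth` misbehaves; an `|| echo "manager state apply failed" >> $setup_log` or an abort after it would make that explicit. Progress step 59 disappears, leaving a jump straight to 60, which is harmless. The enclosing `if` begins before this hunk.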