diff --git a/README.md b/README.md
index 8cf9980..6a3c1e4 100644
--- a/README.md
+++ b/README.md
@@ -4,25 +4,170 @@ The [Oracle Cloud Infrastructure (OCI) Quick Start](https://github.com/oracle-qu
 
 The oci-quickstart-template repository contains the template that can be used for accelerating the construction of quickstarts that runs from local Terraform CLI, [OCI Resource Manager](https://docs.cloud.oracle.com/en-us/iaas/Content/ResourceManager/Concepts/resourcemanager.htm) and [OCI Cloud Shell](https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/cloudshellintro.htm).
 
-Simple is a sample application that deploys a standalone virtual machine from the Oracle Cloud Infrastructure Marketplace.
+Simple is a sample quickstart terraform template that deploys a virtual machine on a Virtual Cloud Network.
+Simple can be customized to subscribe and launch Marketplace images, Platform images or Custom images.
 
 This repo is under active development.  Building open source software is a community effort.  We're excited to engage with the community building this.
 
-## How this project is organized
+## Prerequisites
 
-Each application is stored on its own top level folder.
+First off we'll need to do some pre deploy setup.  That's all detailed [here](https://github.com/oracle/oci-quickstart-prerequisites).
 
-Within the simple application project there are 3 modules:
+## Resource Manager Deployment
 
-- [simple-cli](simple-cli): launch a simple VM that subscribes to a Marketplace Image running from Terraform CLI.
-- [simple-orm](simple-orm): Responsible for packaging the simple-cli module in OCI [Resource Manager Stack](https://docs.cloud.oracle.com/iaas/Content/ResourceManager/Tasks/managingstacksandjobs.htm) format.
-- [terraform-modules](terraform-modules): contains a list of re-usable terraform modules for managing infrastructure resources like vcn, subnets, security, etc.
+This Quick Start uses [OCI Resource Manager](https://docs.cloud.oracle.com/iaas/Content/ResourceManager/Concepts/resourcemanager.htm) to make deployment quite easy. Simply `build` your package and follow the [Resource Manager instructions](https://docs.cloud.oracle.com/en-us/iaas/Content/ResourceManager/Tasks/managingstacksandjobs.htm#console) for how to create a stack.  Prior to building the Stack, you may want to modify some parts of the deployment detailed in the sections below.
 
-## Prerequisites
+Make sure you have terraform v0.12+ cli installed and accessible from your terminal.
 
-First off we'll need to do some pre deploy setup.  That's all detailed [here](https://github.com/oracle/oci-quickstart-prerequisites).
+```bash
+terraform -v
+
+Terraform v0.12.24
++ provider.null v2.1.2
++ provider.oci v3.71.0
+```
+
+### Build
+
+In order to `build` the zip file with the latest changes you made to this code, you can simply go to [build-orm](./build-orm) folder and use terraform to generate a new zip file:
+
+At first time, you are required to initialize the terraform modules used by the template with  `terraform init` command:
+
+```bash
+$ terraform init
+
+Initializing the backend...
+
+Initializing provider plugins...
+- Checking for available provider plugins...
+- Downloading plugin for provider "archive" (hashicorp/archive) 1.3.0...
+
+The following providers do not have any version constraints in configuration,
+so the latest version was installed.
+
+To prevent automatic upgrades to new major versions that may contain breaking
+changes, it is recommended to add version = "..." constraints to the
+corresponding provider blocks in configuration, with the constraint strings
+suggested below.
+
+* provider.archive: version = "~> 1.3"
+
+Terraform has been successfully initialized!
+
+You may now begin working with Terraform. Try running "terraform plan" to see
+any changes that are required for your infrastructure. All Terraform commands
+should now work.
+
+If you ever set or change modules or backend configuration for Terraform,
+rerun this command to reinitialize your working directory. If you forget, other
+commands will detect it and remind you to do so if necessary.
+```
+
+Once terraform is initialized, just run `terraform apply` to generate ORM zip file.
+
+```bash
+$ terraform apply
+
+data.archive_file.generate_zip: Refreshing state...
+
+Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
+```
+
+This command will package the content of `simple` folder into a zip and will store it in the `build-orm\dist` folder. You can check the content of the file by running `unzip -l dist/orm.zip`:
+
+```bash
+$ unzip -l dist/orm.zip
+Archive:  dist/orm.zip
+  Length      Date    Time    Name
+---------  ---------- -----   ----
+     5324  01-01-2049 00:00   README_simple.md
+     1140  01-01-2049 00:00   compute.tf
+      680  01-01-2049 00:00   data_sources.tf
+     1632  01-01-2049 00:00   image_subscription.tf
+     1359  01-01-2049 00:00   locals.tf
+    13540  01-01-2049 00:00   marketplace.yaml
+     2001  01-01-2049 00:00   network.tf
+     2478  01-01-2049 00:00   nsg.tf
+     1092  01-01-2049 00:00   outputs.tf
+       44  01-01-2049 00:00   scripts/example.sh
+     4848  01-01-2049 00:00   variables.tf
+       46  01-01-2049 00:00   versions.tf
+---------                     -------
+    34184                     12 files
+```
+
+### Deploy
+
+1. [Login](https://console.us-ashburn-1.oraclecloud.com/resourcemanager/stacks/create) to Oracle Cloud Infrastructure to import the stack
+    > `Home > Solutions & Platform > Resource Manager > Stacks > Create Stack`
+
+2. Upload the `orm.zip` and provide a name and description for the stack
+![Create Stack](./images/create_orm_stack.png)
+
+3. Configure the Stack. The UI will present the variables to the user dynamically, based on their selections. These are the configuration options:
+
+> Compute Configuration
+
+|          VARIABLE          |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|COMPUTE COMPARTMENT         | Compartment for Compute resources, including Marketplace subscription |
+|INSTANCE NAME               | Compute instance name|
+|DNS HOSTNAME LABEL          | DNS Hostname|
+|COMPUTE SHAPE               | Compatible Compute shape|
+|FLEX SHAPE OCPUS            | Number of OCPUs, only available for VM.Standard.E3.Flex compute shape|
+|AVAILABILITY DOMAIN         | Availability Domain|
+|PUBLIC SSH KEY STRING       | RSA PUBLIC SSH key string used for sign in to the OS|
+
+> Virtual Cloud Network
+
+|          VARIABLE          |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|NETWORK COMPARTMENT         | Compartment for all Virtual Cloud Nettwork resources|
+|NETWORK STRATEGY            | `Create New VCN and Subnet`: Create new network resources during apply. <br> `Use Existing VCN and Subnet`: Let user select pre-existent network resources.|
+|CONFIGURATION STRATEGY      | `Use Recommended Configuration`: Use default configuration defined by the Terraform template. <br> `Customize Network Configuration`: Allow user to customize network configuration such as name, dns label, cidr block for VCN and Subnet.|
+
+> Virtual Cloud Network - Customize Network Configuration
+
+|          VARIABLE          |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|NAME                        | VCN Display Name|
+|DNS LABEL                   | VCN DNS LABEL|
+|CIDR BLOCK                  | The CIDR of the new Virtual Cloud Network (VCN). If you plan to peer this VCN with another VCN, the VCNs must not have overlapping CIDRs.|
+
+> Simple Subnet (visible only when `Customize Network Configuration` is selected)
+
+|          VARIABLE          |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|SUBNET TYPE                 | `Public Subnet` or `Private Subnet`|
+|NAME                        | Subnet Display Name|
+|DNS LABEL                   | Subnet DNS LABEL|
+|CIDR BLOCK                  | The CIDR of the Subnet. Should not overlap with any other subnet CIDRs|
+|NETWORK SECURITY GROUP CONFIGURATION| `Use Recommended Configuration`: Use default configuration defined by the Terraform template. <br> `Customize Network Security Group`: Allow user to customize some basic network security group settings.|
+
+> Network Security Group (visible only when `Customize Network Security Group` is selected)
+
+|          VARIABLE          |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|NAME                        | NSG Display Name|
+|ALLOWED INGRESS TRAFFIC (CIDR BLOCK)| WHITELISTED CIDR BLOCK for ingress traffic|
+|SSH PORT NUMBER             | Default SSH PORT for ingress traffic|
+|HTTP PORT NUMBER            | Default HTTP PORT for ingress traffic|
+|HTTPS PORT NUMBER           | Default HTTPS PORT for ingress traffic|
+
+> Additional Configuration Options
+
+|          VARIABLE          |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|TAG KEY NAME                | Free-form tag key name|
+|TAG VALUE                   | Free-form tag value|
 
-## Deploying Simple
+4. Click Next and Review the configuration.
+5. Click Create button to confirm and create your ORM Stack.
+6. On Stack Details page, you can now run `Terraform` commands to manage your infrastructure. You typically start with a plan then run apply to create and make changes to the infrastructure. More details below:
 
-Detailed instructions for deploying Simple on Oracle Cloud Infrastructure can be found in the [simple](./simple/README.md) space.
+|      TERRAFORM ACTIONS     |           DESCRIPTION                                                 |
+|----------------------------|-----------------------------------------------------------------------|
+|Plan                        | `terraform plan` is used to create an execution plan. This command is a convenient way to check the execution plan prior to make any changes to the infrastructure resources.|
+|Apply                       | `terraform apply` is used to apply the changes required to reach the desired state of the configuration described by the template.|
+|Destroy                     | `terraform destroy` is used to destroy the Terraform-managed infrastructure.|
 
diff --git a/images/create_orm_stack.png b/images/create_orm_stack.png
new file mode 100644
index 0000000..2583641
Binary files /dev/null and b/images/create_orm_stack.png differ
diff --git a/images/mp-listing.png b/images/mp-listing.png
deleted file mode 100644
index e1aba49..0000000
Binary files a/images/mp-listing.png and /dev/null differ
diff --git a/images/oci-rm.png b/images/oci-rm.png
deleted file mode 100644
index a1ee5e9..0000000
Binary files a/images/oci-rm.png and /dev/null differ
diff --git a/images/tf-apply-done.png b/images/tf-apply-done.png
deleted file mode 100644
index c5d6a0c..0000000
Binary files a/images/tf-apply-done.png and /dev/null differ
diff --git a/images/tf-apply-orm.png b/images/tf-apply-orm.png
deleted file mode 100644
index c45fc62..0000000
Binary files a/images/tf-apply-orm.png and /dev/null differ
diff --git a/images/tf-apply1.png b/images/tf-apply1.png
deleted file mode 100644
index 319d2f9..0000000
Binary files a/images/tf-apply1.png and /dev/null differ
diff --git a/images/tf-apply2.png b/images/tf-apply2.png
deleted file mode 100644
index e95c183..0000000
Binary files a/images/tf-apply2.png and /dev/null differ
diff --git a/images/tf-destroy.png b/images/tf-destroy.png
deleted file mode 100644
index 49ec44f..0000000
Binary files a/images/tf-destroy.png and /dev/null differ
diff --git a/images/tf-init-orm.png b/images/tf-init-orm.png
deleted file mode 100644
index 37b72ca..0000000
Binary files a/images/tf-init-orm.png and /dev/null differ
diff --git a/images/tf-init.png b/images/tf-init.png
deleted file mode 100644
index ab81664..0000000
Binary files a/images/tf-init.png and /dev/null differ
diff --git a/images/tf-plan-orm.png b/images/tf-plan-orm.png
deleted file mode 100644
index 47cb8f7..0000000
Binary files a/images/tf-plan-orm.png and /dev/null differ
diff --git a/images/tf-plan1.png b/images/tf-plan1.png
deleted file mode 100644
index 3622e78..0000000
Binary files a/images/tf-plan1.png and /dev/null differ
diff --git a/images/tf-plan2.png b/images/tf-plan2.png
deleted file mode 100644
index 30f0331..0000000
Binary files a/images/tf-plan2.png and /dev/null differ
diff --git a/images/tf-version.png b/images/tf-version.png
deleted file mode 100644
index 4fa4f89..0000000
Binary files a/images/tf-version.png and /dev/null differ
diff --git a/images/unzip-l.png b/images/unzip-l.png
deleted file mode 100644
index 634e40c..0000000
Binary files a/images/unzip-l.png and /dev/null differ
diff --git a/locals.tf b/locals.tf
index a182bb4..8f2e253 100644
--- a/locals.tf
+++ b/locals.tf
@@ -24,6 +24,6 @@ locals {
   listing_resource_version = var.mp_listing_resource_version
 
   
-  is_flex_shape = var.vm_compute_shape == "VM.Standard.E3.Flex" ? [var.vm_compute_shape_ocpus]:[]
+  is_flex_shape = var.vm_compute_shape == "VM.Standard.E3.Flex" ? [var.vm_flex_shape_ocpus]:[]
     
 }
diff --git a/marketplace.yaml b/marketplace.yaml
index cf83a18..fc7d475 100644
--- a/marketplace.yaml
+++ b/marketplace.yaml
@@ -5,9 +5,9 @@ description: This is a Sample Marketplace Stack / ORM Application - BYOL
 schemaVersion: 1.1.0
 version: "20190304"
 
-# URL of Logo Icon used on Application Information tab. Logo must be 130x130 pixels.
+# URL of Logo Icon used on Application Information tab. You can copy the contentId from the Marketplace listing logo URL in the Marketplace Partner portal.
 # (Optional)
-logoUrl: https://cloudmarketplace.oracle.com/marketplace/content?contentId=1234
+logoUrl: https://cloudmarketplace.oracle.com/marketplace/content?contentId=71617800
 
 # Used in Application Information tab to Hyperlink Title and Logo to the Marketplace 
 # Listing.
@@ -20,79 +20,176 @@ source:
 
 locale: "en"
 variableGroups:
-  - title: "Hidden Variable Group"
+  - title: "Hidden Variable Group"    
     visible: false
     variables:
+#"variables used internally - not exposed to end user"    
       - tenancy_ocid 
       - region 
       - mp_listing_id
       - mp_listing_resource_id
       - mp_listing_resource_version   
       - availability_domain_number          
+      - mp_subscription_enabled      
+      - network_strategy_enum
+      - subnet_type_enum
+      - nsg_config_enum
+      #change compute.tf and move custom_image_id to Compute group in case you want to use a custom_image
+      - custom_image_id
 
   - title: "Compute Configuration"
     variables:
+      - compute_compartment_ocid
       - vm_display_name
+      - hostname_label      
       - vm_compute_shape
+      - vm_flex_shape_ocpus
       - availability_domain_name
       - ssh_public_key
+      
 
-
-  - title: "Network Configuration"
+  - title: "Virtual Cloud Network"
     variables:
-      - network_strategy 
+      - network_compartment_ocid
+      - network_strategy
+      - network_configuration_strategy      
       - vcn_id 
-      - vcn_display_name 
-      - vcn_cidr_block 
-      - vcn_dns_label            
-      - subnet_type 
-      - subnet_span 
+      - vcn_display_name       
+      - vcn_dns_label
+      - vcn_cidr_block              
+
+  - title: "Simple Subnet"
+    visible: #($network_strategy  == ""Use Existing VCN and Subnet"") OR (network_configuration_strategy ==  "Customize Network Configuration")
+      or:
+        - eq:         
+          - network_strategy 
+          - "Use Existing VCN and Subnet"    
+        - eq:
+          - network_configuration_strategy
+          - "Customize Network Configuration"
+    variables:
+      - subnet_type
       - subnet_id 
-      - subnet_display_name       
-      - subnet_cidr_block      
+      - subnet_display_name             
       - subnet_dns_label
+      - subnet_cidr_block            
+      - nsg_configuration_strategy
 
+  - title: "Network Security Group"
+    visible: #($nsg_configuration_strategy  ==  "Customize Network Security Group")
+      eq:
+        - nsg_configuration_strategy 
+        - "Customize Network Security Group"
+    variables:
+      - nsg_display_name
+      - nsg_source_cidr
+      - nsg_ssh_port
+      - nsg_http_port                              
+      - nsg_https_port
 
-  - title: "Additional Configuration"
+  - title: "Additional Configuration Options"
     variables:
-      - compartment_ocid
-      - nsg_whitelist_ip 
-      - nsg_display_name     
+      - tag_key_name
+      - tag_value
+
+
+######################################################
+##############          VARIABLES        #############
+######################################################
 
 variables:
   # Hidden variables
+
+######################################################
+##############    HIDDEN VARIABLES       #############
+######################################################
+
+
   tenancy_ocid:
     type: string
     title: Tenancy ID
     description: The Oracle Cloud Identifier (OCID) for your tenancy
     required: true
 
-  compartment_ocid:
-    type: oci:identity:compartment:id
-    required: true
-    title: Compartment
-    description: The compartment in which to create all resources
-
   region:
     type: oci:identity:region:name
     title: Region
     description: The region in which to create all resources
     required: true
 
+  availability_domain_number:
+    type: string    
+    required: false    
+    description: Availability Domain Number (Not used)
+
+######################################################
+##############   MARKETPLACE VARIABLES   #############
+######################################################
+
+  mp_listing_id:
+    type: string    
+    required: true    
+    description: Marketplace Listing ID
+
+  mp_listing_resource_id:
+    type: oci:core:image:id
+    required: true
+    description: Marketplace Image OCID
+    dependsOn:
+      compartmentId: compute_compartment_ocid
+
+  mp_listing_resource_version:
+    type: string
+    required: true
+    description: Marketplace Listing package version
+
+
+  mp_subscription_enabled:
+    type: boolean
+    title: Use Marketplace Image?
+    default: false
+
+  custom_image_id:
+    type: string
+    required: true
+    title: Custom Image OCID
+    # visible:
+    #   eq:
+    #     - mp_subscription_enabled
+    #     - false
+
+
+  tag_key_name:
+    type: string
+    required: true
+    title: Tag key name
+
+  tag_value:
+    type: string
+    required: true
+    title: Tag value
+
+
+######################################################
+##############    COMPUTE VARIABLES      #############
+######################################################
+
+  compute_compartment_ocid:
+    type: oci:identity:compartment:id
+    required: true
+    title: Compute Compartment
+    description: The compartment in which to create all Compute resources
+    default: compartment_ocid
+
   availability_domain_name:
     type: oci:identity:availabilitydomain:name
     dependsOn:
-      compartmentId: compartment_ocid
+      compartmentId: compute_compartment_ocid
     required: true
     default: 1
     title: Availability Domain
     description: Availability Domain
 
-  availability_domain_number:
-    type: string    
-    required: false    
-    description: Availability Domain Number (Not used)
-
   ssh_public_key:
     type: string
     required: true
@@ -102,7 +199,6 @@ variables:
   vm_display_name:
     type: string
     required: true
-    default: my-instance
     title: Instance Name
     description: The name of the Instance
 
@@ -112,25 +208,38 @@ variables:
     title: Compute Shape
     required: true
     dependsOn:
-      compartmentId: compartment_ocid
+      compartmentId: compute_compartment_ocid
       imageId: mp_listing_resource_id
+
+  vm_flex_shape_ocpus:
+    visible: #($vm_compute_shape  == ""VM.Standard.E3.Flex"")
+      eq:
+        - vm_compute_shape 
+        - "VM.Standard.E3.Flex"
+    type: integer
+    default: 2
+    title: Flex Shape OCPUs
+    minimum: 1
+    maximum: 64
+    required: false
+    
+  hostname_label:
+    type: string
+    required: false
+    title: DNS Hostname Label
       
-  mp_listing_id:
-    type: string    
-    required: true    
-    description: Marketplace Listing ID
 
-  mp_listing_resource_id:
-    type: oci:core:image:id
-    required: true
-    description: Marketplace Image OCID
-    dependsOn:
-      compartmentId: compartment_ocid
+######################################################
+##############     NETWORK VARIABLES     #############
+######################################################
 
-  mp_listing_resource_version:
-    type: string
+  network_compartment_ocid:
+    type: oci:identity:compartment:id
     required: true
-    description: Marketplace Listing package version
+    title: Network Compartment
+    description: The compartment in which to create all Network resources
+    default: compartment_ocid    
+
 
   # Network Type Options
   network_strategy:
@@ -143,43 +252,38 @@ variables:
     required: true
     default: "Create New VCN and Subnet"
 
-  subnet_type:
-    visible: #($network_strategy  == ""Create New VCN and Subnet"")
-      eq:
-        - network_strategy 
-        - "Create New VCN and Subnet"
-    type: enum
-    title: Subnet Type
-    description: Choose between private and public subnets
-    enum:
-      - "Private Subnet"
-      - "Public Subnet"
-    required: true
-    default: "Public Subnet"
 
-  subnet_span:
+  # Network Configuration
+  network_configuration_strategy:
     visible: #($network_strategy  == ""Create New VCN and Subnet"")
       eq:
         - network_strategy 
         - "Create New VCN and Subnet"
     type: enum
-    title: Subnet Span
-    description: Choose between regional and AD specific subnets
+    title: Configuration Strategy
+    description: Use recommended configuration or customize it
     enum:
-      - "Regional Subnet"
-      - "AD Specific Subnet"
+      - "Use Recommended Configuration"
+      - "Customize Network Configuration"
     required: true
-    default: "Regional Subnet"
+    default: "Use Recommended Configuration"
+
+
+
+######## VCN ########    
 
   vcn_display_name:
-    visible: #($network_strategy  == ""Create New VCN and Subnet"")
-      eq:
-        - network_strategy 
-        - "Create New VCN and Subnet"
+    visible: #($network_strategy  == ""Create New VCN and Subnet"") AND (network_configuration_strategy ==  "Customize Network Configuration")
+      and:
+        - eq: 
+          - network_strategy 
+          - "Create New VCN and Subnet"
+        - eq:
+          - network_configuration_strategy
+          - "Customize Network Configuration"
     type: string
-    default: my-vcn
     required: true
-    title: Virtual Cloud Network (VCN)
+    title: Name
     description: The name of the new Virtual Cloud Network (VCN)
 
   vcn_id:
@@ -189,32 +293,64 @@ variables:
         - "Use Existing VCN and Subnet"
     type: oci:core:vcn:id
     dependsOn:
-      compartmentId: compartment_ocid 
+      compartmentId: network_compartment_ocid 
     required: true
-    title: Existing Network
+    title: Existing VCN
     description: An existing Virtual Cloud Network (VCN) in which to create the compute instances, network resources, and load balancers. If not specified, a new VCN is created.
 
   vcn_cidr_block:
-    visible: #($network_strategy  == ""Create New VCN and Subnet"")
-      eq:
-        - network_strategy 
-        - "Create New VCN and Subnet"
+    visible: #($network_strategy  == ""Create New VCN and Subnet"") AND (network_configuration_strategy ==  "Customize Network Configuration")
+      and:
+        - eq: 
+          - network_strategy 
+          - "Create New VCN and Subnet"
+        - eq:
+          - network_configuration_strategy
+          - "Customize Network Configuration"
     type: string
     required: true
-    default: 10.0.0.0/16
     pattern: "^(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\/(3[0-2]|[1-2]?[0-9])$"
-    title: VCN CIDR BLOCK
+    title: CIDR Block
     description: The CIDR of the new Virtual Cloud Network (VCN). If you plan to peer this VCN with another VCN, the VCNs must not have overlapping CIDRs.
 
+  vcn_dns_label:
+    visible: #($network_strategy  == ""Create New VCN and Subnet"") AND (network_configuration_strategy ==  "Customize Network Configuration")
+      and:
+        - eq: 
+          - network_strategy 
+          - "Create New VCN and Subnet"
+        - eq:
+          - network_configuration_strategy
+          - "Customize Network Configuration"
+    type: string
+    required: true
+    title: DNS Label
+    maxLenght: 15
+    description: VCN DNS Label. Only letters and numbers, starting with a letter. 15 characters max.    
+
+######## MANAGEMENT SUBNET ########
+  subnet_type:
+    visible: #($network_strategy  == ""Create New VCN and Subnet"")
+      eq:
+        - network_strategy 
+        - "Create New VCN and Subnet"
+    type: enum
+    title: Subnet Type
+    description: Choose between private and public subnets
+    enum:
+      - "Private Subnet"
+      - "Public Subnet"
+    required: true
+    default: "Public Subnet"
+    
   subnet_display_name:
     visible: #($network_strategy  == ""Create New VCN and Subnet"")
       eq:
         - network_strategy 
         - "Create New VCN and Subnet"
     type: string
-    default: my-subnet
     required: true
-    title: Subnet
+    title: Name
     description: The name of the new Subnet
 
   subnet_cidr_block:
@@ -223,10 +359,9 @@ variables:
         - network_strategy 
         - "Create New VCN and Subnet"
     type: string
-    default: 10.0.0.0/24
     pattern: "^(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\/(3[0-2]|[1-2]?[0-9])$"
     required: true
-    title: Subnet CIDR
+    title: CIDR Block
     description: The CIDR of the new Subnet. The new subnet's CIDR should not overlap with any other subnet CIDRs.
 
   subnet_id:
@@ -237,22 +372,11 @@ variables:
     type: oci:core:subnet:id
     dependsOn:
       vcnId: vcn_id 
-      compartmentId: compartment_ocid 
+      compartmentId: network_compartment_ocid 
     default: ''
     required: true
     title: Existing Subnet
-    description: An existing subnet to use for compute instances. This subnet must already be present in the chosen VCN.
-
-  vcn_dns_label:
-    visible: #($network_strategy  == ""Create New VCN and Subnet"")
-      eq:
-        - network_strategy 
-        - "Create New VCN and Subnet"
-    type: string
-    required: true
-    default: myvcn
-    title: VCN DNS Label
-    description: VCN DNS Label. Only letters and numbers, starting with a letter. 15 characters max.    
+    description: An existing Management subnet. This subnet must already be present in the chosen VCN.
 
   subnet_dns_label:
     visible: #($network_strategy  == ""Create New VCN and Subnet"")
@@ -261,45 +385,91 @@ variables:
         - "Create New VCN and Subnet"
     type: string
     required: true
-    default: management
-    title: Subnet DNS Label
+    title: DNS Label
+    maxLenght: 15
     description: Subnet DNS Label. Only letters and numbers, starting with a letter. 15 characters max.    
 
-  nsg_whitelist_ip:
-    type: string
+######################################################
+##############    SECURITY VARIABLES     #############
+######################################################
+
+
+  nsg_configuration_strategy:
+    visible: true
+    type: enum
+    title: Network Security Group Configuration
+    description: Choose Network Security Rules Strategy
+    enum:
+      - "Use Recommended Configuration"
+      - "Customize Network Security Group"
     required: true
-    default: 0.0.0.0/0
-    title: Network Security Groups - Whitelisted IP
-    description: "Ingress connection to VM whitelisted from IP (range). Enter 0.0.0.0/0 or <your IP>/32"
+    default: "Use Recommended Configuration"
+
 
   nsg_display_name:
     type: string
-    required: true
-    default: my-network-security-group
-    title: Network Security Group
-    description: The name of the Network Security Group
+    required: false
+    title: Name
+    
+  nsg_ssh_port:
+    type: number
+    required: false
+    default: 22
+    title: SSH Port Number
+
+  nsg_http_port:
+    type: number
+    required: false
+    default: 80
+    title: HTTP Port Number
+
+  nsg_https_port:
+    type: number
+    required: false
+    default: 443
+    title: HTTPS Port Number
+
+  nsg_source_cidr:
+    type: string
+    required: false
+    default: "0.0.0.0/0"
+    title: Allowed Ingress Traffic (CIDR Block)
+
+
+
+
+#############################################
+###########    OUTPUT GROUPS     ############
+#############################################
 
 outputGroups:
-  - title: "Output"
+  - title: "Instance Management"
     outputs:
-      - ${instance_public_ip}
-      - ${instance_id}
+      - instance_public_ip
+      - instance_private_ip
+
+
+#############################################
+##############     OUTPUTS     ##############
+#############################################
 
 outputs:
-  application_url:
+  instance_https_url:
     type: link
-    title: Go to Application VM URL
+    title: Open Application URL
     visible: false
 
   instance_public_ip:
     type: link
     title: Public IP
-    visible: true
+    visible: #($mgmt_subnet_type == "Public Subnet")
+      eq:
+      - mgmt_subnet_type
+      - "Public Subnet"
   
   instance_private_ip:
     type: link
     title: Private IP
     visible: true
   
-primaryOutputButton: ${application_url}
-
+primaryOutputButton: instance_https_url
diff --git a/variables.tf b/variables.tf
index da78677..fbcfed0 100644
--- a/variables.tf
+++ b/variables.tf
@@ -60,8 +60,8 @@ variable "vm_compute_shape" {
 }
 
 # only used for E3 Flex shape
-variable "vm_compute_shape_ocpus" {
-  description = "Number of OCPUs"
+variable "vm_flex_shape_ocpus" {
+  description = "Flex Shape OCPUs"
   default = 1 
 }