diff --git a/CHANGELOG.md b/CHANGELOG.md index fd239b5..b4a9417 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,12 @@ - sas - add sas submodule, which can be used for a general module or a specific application module +* v2.2.0 -- 20211022 + - custom + - create custom submodule, requires port list passed + +# OLDER + ## web * v1.0.0 -- 20210604 diff --git a/common/version.tf b/common/version.tf index 55a44df..d3e2658 100644 --- a/common/version.tf +++ b/common/version.tf @@ -1,3 +1,3 @@ locals { - _module_version = "2.1.0" + _module_version = "2.2.0" } diff --git a/custom/README.md b/custom/README.md new file mode 100644 index 0000000..5fb675f --- /dev/null +++ b/custom/README.md 
@@ -0,0 +1,116 @@
+# About custom
+
+This describes how to use the aws-common-security-groups submodule for custom. This applies the framework
+for the common security groups to a set of ports of your own doing.
+
+You will need to provide a `ingress_port_list` list of the details, or a `ingress_port_map` which allows for a cleaner structure.
+This creates an egress rule permitting all outbound access.
+
+# Usage
+## Port list
+
+```hcl
+module "mysg" {
+ source = "git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//custom"
+
+ vpc_id = var.vpc_id
+ name = "mysg"
+ description = "Security group for my"
+ short = "MY"
+ ingress_port_list = [
+ [8080, 8080, "tcp", "http", ["0.0.0.0/0"]],
+ [8443, 8443, "tcp", "https", ["0.0.0.0/0"]],
+ ]
+ tags = merge(
+ local.common_tags,
+ tomap({ "Name" = "mysg" }),
+ )
+}
+```
+
+## Port Map
+
+```hcl
+module "mysg" {
+ source = "git@github.e.it.census.gov:terraform-modules/aws-common-security-groups.git//custom"
+
+ vpc_id = var.vpc_id
+ name = "mysg"
+ description = "Security group for my"
+ short = "MY"
+ ingress_port_map = [
+ {
+ from = 8080
+ to = 8080
+ proto = "tcp"
+ description = "http"
+ cidr = ["0.0.0.0/0"]
+ },
+ {
+ from = 8443
+ to = 8443
+ proto = "tcp"
+ description = "http"
+ cidr = ["0.0.0.0/0"]
+ },
+ ]
+ tags = merge(
+ local.common_tags,
+ tomap({ "Name" = "mysg" }),
+ )
+}
+```
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 0.12 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+ +## Resources + +| Name | Type | +|------|------| +| [aws_security_group.this_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource | +| [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws_security_group.egress_security_groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) | data source | +| [aws_security_group.ingress_security_groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) | data source | +| [aws_vpc.this_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [description](#input\_description) | Security Group Description | `string` | `""` | no | +| [egress\_networks](#input\_egress\_networks) | List of egress networks (with all pre-defined egress ports) | `list(string)` | `[]` | no | +| [egress\_security\_groups](#input\_egress\_security\_groups) | List of egress security groups (all ports) | `list(string)` | `[]` | no | +| [enable\_self](#input\_enable\_self) | Enable\|Disable self full access | `bool` | `false` | no | +| [ingress\_networks](#input\_ingress\_networks) | List of ingress networks for access (with all pre-defined ingress ports) | `list(string)` | `[]` | no | +| [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` | `[]` | no | +| [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress 
port list of objects: from, to, proto, description and cidr(list) |
list(object({
from = number
to = number
proto = any
description = string
cidr = list(string)
}))
| `[]` | no |
+| [ingress\_security\_groups](#input\_ingress\_security\_groups) | List of ingress security groups for all ports | `list(string)` | `[]` | no |
+| [name](#input\_name) | Security Group Name (required) | `string` | n/a | yes |
+| [short\_description](#input\_short\_description) | Security Group Short Description | `string` | `""` | no |
+| [tags](#input\_tags) | Extra security group tags | `map` | `{}` | no |
+| [use\_vpc\_cidr](#input\_use\_vpc\_cidr) | Enable\|Disable use of VPC CIDR block in the ingress\_networks | `bool` | `false` | no |
+| [vpc\_full\_name](#input\_vpc\_full\_name) | VPC Name | `string` | `""` | no |
+| [vpc\_id](#input\_vpc\_id) | VPC ID Number | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [this\_security\_group\_arn](#output\_this\_security\_group\_arn) | Created security group ARN |
+| [this\_security\_group\_id](#output\_this\_security\_group\_id) | Created security group ID |
diff --git a/custom/data.tf b/custom/data.tf
new file mode 120000
index 0000000..995624d
--- /dev/null
+++ b/custom/data.tf
@@ -0,0 +1 @@
+../common/data.tf
\ No newline at end of file
diff --git a/custom/data.vpc.tf b/custom/data.vpc.tf
new file mode 120000
index 0000000..197ea98
--- /dev/null
+++ b/custom/data.vpc.tf
@@ -0,0 +1 @@
+../common/data.vpc.tf
\ No newline at end of file
diff --git a/custom/defaults.tf b/custom/defaults.tf
new file mode 100644
index 0000000..d314d14
--- /dev/null
+++ b/custom/defaults.tf
@@ -0,0 +1,7 @@
+locals {
+ _defaults = {
+ name = "{{ name }}"
+ description = "Security group for application"
+ short_description = "SG"
+ }
+}
diff --git a/custom/logs/fmt.20211022.1634928634.log b/custom/logs/fmt.20211022.1634928634.log
new file mode 100644
index 0000000..b0b0b99
--- /dev/null
+++ b/custom/logs/fmt.20211022.1634928634.log
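Review bot: `name = "{{ name }}"` in custom/defaults.tf looks like an unrendered template placeholder rather than a usable default, and it is reachable: custom/settings.tf in this same commit selects `local._defaults["name"]` whenever `var.name` is the empty string, so a caller passing `name = ""` would get a security group literally named `{{ name }}` (and, per the same file, `is_modular = true`). Because variables.tf gives `name` no default, only an explicit empty string reaches this path, but that is precisely the case the fallback exists to handle. If a generator fills the placeholder before the module is used, a comment above the line saying so would keep the next reader from treating it as a bug; otherwise this wants a real default, or the settings.tf fallback should reject an empty name instead of substituting it.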
@@ -0,0 +1,38 @@ +# starting v1.4.4 action fmt file logs/fmt.20211022.1634928634.log stamp 20211022.1634928634 time 1634928634 + + +Error: Argument or block definition required + + on main.tf line 38: + (source code not available) + +An argument or block definition is required here. + + +Error: Invalid character + + on main.tf line 40: + (source code not available) + +The "`" character is not valid. To create a multi-line string, use the +"heredoc" syntax, like "< 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map + port_map = { "external" = local.p_map } +} diff --git a/custom/resources.tf b/custom/resources.tf new file mode 120000 index 0000000..6dd8c84 --- /dev/null +++ b/custom/resources.tf @@ -0,0 +1 @@ +../common/resources.tf \ No newline at end of file diff --git a/custom/settings.tf b/custom/settings.tf new file mode 100644 index 0000000..ffe1549 --- /dev/null +++ b/custom/settings.tf @@ -0,0 +1,7 @@ +locals { + name = var.name != "" ? var.name : local._defaults["name"] + is_modular = var.name == "" || length(regexall("^m-", var.name)) > 0 + enable_self = var.enable_self ? ! local.is_modular : false + description = var.description != "" ? var.description : local._defaults["description"] + short_description = var.short_description != "" ? var.short_description : local._defaults["short_description"] +} diff --git a/custom/variables.common.tf b/custom/variables.common.tf new file mode 120000 index 0000000..7439ed8 --- /dev/null +++ b/custom/variables.common.tf @@ -0,0 +1 @@ +../common/variables.common.tf \ No newline at end of file diff --git a/custom/variables.tf b/custom/variables.tf new file mode 100644 index 0000000..4297e14 --- /dev/null +++ b/custom/variables.tf 
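Review bot: `enable_self = var.enable_self ? ! local.is_modular : false` in custom/settings.tf is a boolean written as a conditional; `enable_self = var.enable_self && !local.is_modular` evaluates identically and reads as the policy it encodes (a modular group never gets self access). A short comment above `is_modular` explaining what makes a group modular, and why that must disable self access, would help, since the `^m-` regex and the empty-name check are the only hints. Separately, this commit adds custom/logs/fmt.20211022.1634928634.log, a terraform fmt error log captured while main.tf did not parse; a tool log does not belong in the module tree and should be removed or ignored rather than shipped with the submodule.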
@@ -0,0 +1,36 @@
+variable "name" {
+ description = "Security Group Name (required)"
+ type = string
+}
+
+variable "description" {
+ description = "Security Group Description"
+ type = string
+ default = ""
+}
+
+variable "short_description" {
+ description = "Security Group Short Description"
+ type = string
+ default = ""
+}
+
+
+variable "ingress_port_list" {
+ description = "Ingress port list of 5-tuple: from, to, proto, description, and cidr(list)"
+ # type = list(tuple([number, number, any, string, list]))
+ default = []
+}
+
+variable "ingress_port_map" {
+ description = "Ingress port list of objects: from, to, proto, description and cidr(list)"
+ type = list(object({
+ from = number
+ to = number
+ proto = any
+ description = string
+ cidr = list(string)
+ }))
+ default = []
+}
+
diff --git a/custom/variables.vpc.tf b/custom/variables.vpc.tf
new file mode 120000
index 0000000..11a6813
--- /dev/null
+++ b/custom/variables.vpc.tf
@@ -0,0 +1 @@
+../common/variables.vpc.tf
\ No newline at end of file
diff --git a/custom/version.tf b/custom/version.tf
new file mode 120000
index 0000000..b83c5b7
--- /dev/null
+++ b/custom/version.tf
@@ -0,0 +1 @@
+../common/version.tf
\ No newline at end of file
diff --git a/custom/versions.tf b/custom/versions.tf
new file mode 120000
index 0000000..41bb22f
--- /dev/null
+++ b/custom/versions.tf
@@ -0,0 +1 @@
+../common/versions.tf
\ No newline at end of file
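Review bot: `ingress_port_list` in custom/variables.tf has its type constraint commented out, so any value is accepted and a malformed entry (wrong arity, a string port, a bare CIDR string instead of a list) is presumably only rejected later, in the `zipmap` over `local.ports` visible earlier in this diff or at the security group resource, with an error that does not name the input. Restoring the constraint with the last element fully specified, `type = list(tuple([number, number, any, string, list(string)]))`, moves that check to the variable boundary; if the bare `list` in the commented line was what originally failed, the `list(string)` spelling is the one to try. The description should also state that a non-empty `ingress_port_list` is used instead of `ingress_port_map`, which the locals fragment on this page appears to implement (`… > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map`), since a caller setting both currently gets the map silently ignored. Both descriptions would benefit from saying that each `cidr` list is allowed inbound exactly as given, so `["0.0.0.0/0"]`, as in the README examples, opens that port to any source.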