diff --git a/ois-scanner/CHANGELOG.md b/ois-scanner/CHANGELOG.md
index 250eb5c..08af3d7 100644
--- a/ois-scanner/CHANGELOG.md
+++ b/ois-scanner/CHANGELOG.md
@@ -1,3 +1,7 @@
 # v1.16 -- 20200604
 
 * add version number, update tags
+
+# v1.17 -- 20200731
+
+* add variables from [it-windows-base](../it-windows-base)
diff --git a/ois-scanner/README.md b/ois-scanner/README.md
index cacc584..e52c791 100644
--- a/ois-scanner/README.md
+++ b/ois-scanner/README.md
@@ -34,10 +34,19 @@ module "ois-scanner" {
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| \_module\_version | Module version number | `string` | `"1.16"` | no |
-| name | Security group Name | `string` | `"ois-scanner"` | no |
-| tags | Extra security group tags | `map(string)` | <pre>{<br>  "CostAllocation": "csvd:infrastructure",<br>  "Environment": "csvd-infrastructure"<br>}</pre> | no |
-| vpc\_id | VPC ID Number | `any` | n/a | yes |
+| \_module\_version | Module version number | `string` | `"1.17"` | no |
+| description | Security Group Description | `string` | `"OIS Scanner Security Group"` | no |
+| egress\_networks | List of egress networks (all ports) | `list(string)` | <pre>[<br>  "0.0.0.0/0"<br>]</pre> | no |
+| egress\_security\_groups | List of egress security groups (all ports) | `list(string)` | `[]` | no |
+| enable\_self | Enable\|Disable self full access | `bool` | `false` | no |
+| ingress\_networks | List of ingress networks for external access (not all ports) | `list(string)` | <pre>[<br>  "0.0.0.0/0"<br>]</pre> | no |
+| ingress\_security\_groups | List of ingress security groups for all ports | `list(string)` | `[]` | no |
+| name | Security Group Name | `string` | `"ois-scanner"` | no |
+| short\_description | Security Group Short Description | `string` | `"OIS"` | no |
+| tags | Extra security group tags | `map` | <pre>{<br>  "CostAllocation": "csvd:infrastructure",<br>  "Environment": "csvd-infrastructure"<br>}</pre> | no |
+| use\_vpc\_cidr | Enable\|Disable use of VPC CIDR block in the ingress\_networks | `bool` | `false` | no |
+| vpc\_full\_name | VPC Name | `string` | `""` | no |
+| vpc\_id | VPC ID Number | `string` | n/a | yes |
 
 ## Outputs
 
diff --git a/ois-scanner/variables.tf b/ois-scanner/variables.tf
index 423b238..341ddc3 100644
--- a/ois-scanner/variables.tf
+++ b/ois-scanner/variables.tf
@@ -1,19 +1,83 @@
+#---
+# change between different modules as needed
+#---
+variable "name" {
+  description = "Security Group Name"
+  type        = string
+  default     = "ois-scanner"
+}
+
+variable "description" {
+  description = "Security Group Description"
+  type        = string
+  default     = "OIS Scanner Security Group"
+}
+
+variable "short_description" {
+  description = "Security Group Short Description"
+  type        = string
+  default     = "OIS"
+}
+
+variable "enable_self" {
+  description = "Enable|Disable self full access"
+  type        = bool
+  default     = false
+}
+
+variable "use_vpc_cidr" {
+  description = "Enable|Disable use of VPC CIDR block in the ingress_networks"
+  type        = bool
+  default     = false
+}
+
+#---
+# others with defaults
+#---
 variable "vpc_id" {
   description = "VPC ID Number"
+  type        = string
 }
 
-variable "name" {
-  description = "Security group Name"
-  default     = "ois-scanner"
+data "aws_vpc" "selected" {
+  id = "${var.vpc_id}"
+}
+
+variable "vpc_full_name" {
+  description = "VPC Name"
+  type        = string
+  default     = ""
+}
+
+variable "ingress_networks" {
+  description = "List of ingress networks for external access (not all ports)"
+  type        = list(string)
+  default     = ["0.0.0.0/0"]
+}
+
+variable "egress_networks" {
+  description = "List of egress networks (all ports)"
+  type        = list(string)
+  default     = ["0.0.0.0/0"]
+}
+
+variable "ingress_security_groups" {
+  description = "List of ingress security groups for all ports"
+  type        = list(string)
+  default     = []
+}
+
+variable "egress_security_groups" {
+  description = "List of egress security groups (all ports)"
+  type        = list(string)
+  default     = []
 }
 
 variable "tags" {
   description = "Extra security group tags"
-
-  type = map(string)
+  type        = map
   default = {
     "CostAllocation" = "csvd:infrastructure"
     "Environment"    = "csvd-infrastructure"
   }
 }
-
diff --git a/ois-scanner/version.tf b/ois-scanner/version.tf
index bb082f5..bd9d562 100644
--- a/ois-scanner/version.tf
+++ b/ois-scanner/version.tf
@@ -1,5 +1,5 @@
 variable "_module_version" {
   description = "Module version number"
   type        = string
-  default     = "1.16"
+  default     = "1.17"
 }