diff --git a/vpc-remove-defaults/README.md b/vpc-remove-defaults/README.md
index 7c3cab2..aa0ddf2 100644
--- a/vpc-remove-defaults/README.md
+++ b/vpc-remove-defaults/README.md
@@ -51,7 +51,7 @@ To remove all the defaults, which is what we are required to do, you need a few
 tf-plan -target=module.vpc_defaults
 tf-apply -target=module.vpc_defaults
 tf-destory -target=module.vpc_defaults
-setup/delete-defaults.sh true |& tee setup/delete-defaults.sh.log
+setup/delete-defaults.sh true |& tee delete-defaults.sh.log
 ```
 Once all of the defaults are removed, you'll need to disable the associated .tf or remove the module code which brought in the defaults. Running it a second time with no actual defaults will fail.
diff --git a/vpc-remove-defaults/main.tf b/vpc-remove-defaults/main.tf
index dba1422..b4bc081 100644
--- a/vpc-remove-defaults/main.tf
+++ b/vpc-remove-defaults/main.tf
@@ -52,7 +52,7 @@
 * tf-plan -target=module.vpc_defaults
 * tf-apply -target=module.vpc_defaults
 * tf-destory -target=module.vpc_defaults
-* setup/delete-defaults.sh true |& tee setup/delete-defaults.sh.log
+* setup/delete-defaults.sh true |& tee delete-defaults.sh.log
 * ```
 * Once all of the defaults are removed, you'll need to disable the associated .tf or remove the module code
 * which brought in the defaults. Running it a second time with no actual defaults will fail.
diff --git a/vpc-remove-defaults/templates/delete-defaults.sh.tpl b/vpc-remove-defaults/templates/delete-defaults.sh.tpl
index 01e9fee..01752ba 100644
--- a/vpc-remove-defaults/templates/delete-defaults.sh.tpl
+++ b/vpc-remove-defaults/templates/delete-defaults.sh.tpl
@@ -29,7 +29,7 @@ fi
 if [ ! -z "${security_group}" ]
 then
- echo "# AWS does not permit the delete of the default security group ${security_group}"
+ echo "# default security group ${security_group} removed after VPC is removed"
 # echo "# aws --profile ${profile} --region ${region} ec2 delete-security-group --group-id ${security_group} $DRYRUN"
 # aws --profile ${profile} --region ${region} ec2 delete-security-group --group-id ${security_group} $DRYRUN
 else
@@ -74,16 +74,18 @@ fi
 if [ ! -z "${network_acl}" ]
 then
- echo "# aws --profile ${profile} --region ${region} ec2 delete-network-acl --network-acl-id ${network_acl} $DRYRUN"
- aws --profile ${profile} --region ${region} ec2 delete-network-acl --network-acl-id ${network_acl} $DRYRUN
+ echo "# default network acl ${nework_acl} removed after VPC is removed"
+# echo "# aws --profile ${profile} --region ${region} ec2 delete-network-acl --network-acl-id ${network_acl} $DRYRUN"
+# aws --profile ${profile} --region ${region} ec2 delete-network-acl --network-acl-id ${network_acl} $DRYRUN
 else
 echo "# skipping delete network_acl, missing"
 fi
 if [ ! -z "${route_table}" ]
 then
- echo "# aws --profile ${profile} --region ${region} ec2 delete-route-table --route-table-id ${route_table} $DRYRUN"
- aws --profile ${profile} --region ${region} ec2 delete-route-table --route-table-id ${route_table} $DRYRUN
+ echo "# default route table ${route_table} removed after VPC is removed"
+# echo "# aws --profile ${profile} --region ${region} ec2 delete-route-table --route-table-id ${route_table} $DRYRUN"
+# aws --profile ${profile} --region ${region} ec2 delete-route-table --route-table-id ${route_table} $DRYRUN
 else
 echo "# skipping delete route_table, missing"
 fi
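Review bot: The new message in the security-group branch says the group is "removed after VPC is removed", which reads as a completed action although nothing in this branch deletes or checks anything. The same wording is added for the network ACL and the route table in the second hunk. The README pipes this script's output into delete-defaults.sh.log, so someone checking that log for evidence that the defaults are gone could take these lines as confirmation. Wording that states what the script actually does would be safer, for example `echo "# default security group ${security_group} not deleted here; expected to go away when the VPC is deleted"`. The `else` body and closing `fi` of this block lie outside the hunk.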
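Review bot: The added echo in the network ACL branch interpolates `${nework_acl}`, a misspelling of the `${network_acl}` tested on the `if` line just above it. If this .tpl file is rendered by Terraform, as the module layout suggests, an undeclared template variable would presumably fail the render; if it runs as plain shell, the name expands to empty and the ACL id is missing from the log. The line should read `echo "# default network acl ${network_acl} removed after VPC is removed"`. The commented-out `delete-network-acl` and `delete-route-table` calls could be dropped instead of kept as dead code, with a one-line comment stating why these resources are no longer deleted here.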