diff --git a/examples/.gitignore b/examples/.gitignore
new file mode 100644
index 0000000..9477745
--- /dev/null
+++ b/examples/.gitignore
@@ -0,0 +1 @@
+!*.tfvars
diff --git a/examples/dns-vpc-region-vpcN/apps/dns/variables.dns.auto.tfvars b/examples/dns-vpc-region-vpcN/apps/dns/variables.dns.auto.tfvars
new file mode 100644
index 0000000..649480f
--- /dev/null
+++ b/examples/dns-vpc-region-vpcN/apps/dns/variables.dns.auto.tfvars
@@ -0,0 +1,2 @@
+dns_zone_description_prefix = "{project} {environment}"
+dns_zone_create             = true
diff --git a/examples/ec2-add-dns/variables.ec2-dns.auto.tfvars b/examples/ec2-add-dns/variables.ec2-dns.auto.tfvars
new file mode 100644
index 0000000..b87a2fb
--- /dev/null
+++ b/examples/ec2-add-dns/variables.ec2-dns.auto.tfvars
@@ -0,0 +1,8 @@
+ec2_instance_names = [
+  "das-sci001",
+  "das-sci002",
+  "das-sci003",
+  "das-sci004",
+  "das-sci005",
+  "das-sci006",
+]
diff --git a/examples/ec2-vpc-region-vpcN-new/apps/test-instances/settings.auto.tfvars b/examples/ec2-vpc-region-vpcN-new/apps/test-instances/settings.auto.tfvars
new file mode 100644
index 0000000..f9a033e
--- /dev/null
+++ b/examples/ec2-vpc-region-vpcN-new/apps/test-instances/settings.auto.tfvars
@@ -0,0 +1,4 @@
+vpc_domain_name  = "tgw-test-domain"
+enable_instances = true
+enable_bootstrap = false
+instance_count   = null
diff --git a/examples/ec2-vpc-region-vpcN/apps/test-instances/settings.auto.tfvars b/examples/ec2-vpc-region-vpcN/apps/test-instances/settings.auto.tfvars
new file mode 100644
index 0000000..a0d8856
--- /dev/null
+++ b/examples/ec2-vpc-region-vpcN/apps/test-instances/settings.auto.tfvars
@@ -0,0 +1,4 @@
+vpc_domain_name  = "dev.das.rm.census.gov"
+enable_instances = true
+enable_bootstrap = false
+instance_count   = 1
diff --git a/examples/full-setup-tf-upgrade/apps/dns/variables.dns.auto.tfvars b/examples/full-setup-tf-upgrade/apps/dns/variables.dns.auto.tfvars
new file mode 100644
index 0000000..649480f
--- /dev/null
+++ b/examples/full-setup-tf-upgrade/apps/dns/variables.dns.auto.tfvars
@@ -0,0 +1,2 @@
+dns_zone_description_prefix = "{project} {environment}"
+dns_zone_create             = true
diff --git a/examples/full-setup-tf-upgrade/variables.nacls.auto.tfvars b/examples/full-setup-tf-upgrade/variables.nacls.auto.tfvars
new file mode 100644
index 0000000..98765e7
--- /dev/null
+++ b/examples/full-setup-tf-upgrade/variables.nacls.auto.tfvars
@@ -0,0 +1,6 @@
+nacl_additional_cidr_blocks_enterprise = {
+  other = [
+    #    "10.253.213.0/24",    # TI dev,qa environment for cumulus
+    #    "10.253.0.0/16",	   # TI cloud
+  ]
+}
diff --git a/examples/full-setup-tf-upgrade/variables.subnets.auto.tfvars b/examples/full-setup-tf-upgrade/variables.subnets.auto.tfvars
new file mode 100644
index 0000000..aa46af0
--- /dev/null
+++ b/examples/full-setup-tf-upgrade/variables.subnets.auto.tfvars
@@ -0,0 +1,18 @@
+public_subnets = [
+  ##  { base_cidr = "10.188.64.0/24", label = "public", bits = 2, private = false, tags = {} },
+]
+private_subnets = [
+  { base_cidr = "10.188.65.0/24", label = "endpoints", bits = 2, private = true, tags = {} },
+  { base_cidr = "10.188.66.0/23", label = "private-lb", bits = 2, private = true,
+    tags      = { "kubernetes.io/role/internal-elb" = 1 }
+  },
+  { base_cidr = "10.188.68.0/23", label = "db", bits = 2, private = true, tags = {} },
+  # { base_cidr = "10.188.70.0/23", label = "(free)", bits = 2, private = true, tags = {} },
+  { base_cidr = "10.188.72.0/22", label = "apps", bits = 2, private = true, tags = {} },
+  # { base_cidr = "10.188.76.0/22", label = "(free)", bits = 2, private = true, tags = {} },
+  { base_cidr = "10.188.80.0/21", label = "container", bits = 2, private = true,
+    tags = {
+      #      "kubernetes.io/cluster/dice-ite" = "shared"
+    },
+  }
+]
diff --git a/examples/full-setup-tf-upgrade/variables.vpc.auto.tfvars b/examples/full-setup-tf-upgrade/variables.vpc.auto.tfvars
new file mode 100644
index 0000000..4132a43
--- /dev/null
+++ b/examples/full-setup-tf-upgrade/variables.vpc.auto.tfvars
@@ -0,0 +1,20 @@
+vpc_name          = "dice-ite"
+vpc_cidr_block    = "10.188.64.0/19"
+vpc_index         = "4"
+vpc_short_name    = "vpc4"
+vpc_full_name     = "vpc4-dice-ite"
+vpc_environment   = "ite"
+vpc_domain_name   = "ite.dice.census.gov"
+vpc_dns_servers   = ["148.129.127.22", "148.129.191.22"]
+vpc_ntp_servers   = ["148.129.127.23", "148.129.191.23"]
+vpc_enable_igw    = false
+vpc_enable_nat    = false
+vpc_enable_vpn    = true
+vpc_enable_awsdns = true
+
+vpn_settings = [
+  { site = "hq", "bgp_asn_id" = 65510, "ip_address" = "148.129.163.NNN" },
+  { site = "bcc", "bgp_asn_id" = 65511, "ip_address" = "148.129.78.NNN" },
+]
+
+services_peer_settings = {}
diff --git a/examples/full-setup/apps/dns.old/variables.application_tags.auto.tfvars b/examples/full-setup/apps/dns.old/variables.application_tags.auto.tfvars
new file mode 100644
index 0000000..876d25b
--- /dev/null
+++ b/examples/full-setup/apps/dns.old/variables.application_tags.auto.tfvars
@@ -0,0 +1,16 @@
+# override CostAllocation with proper subcomponent like
+# tags = merge(
+#   var.application_tags,
+#   tomap({"CostAllocation"="dice:dev:mojo"}),
+# )
+
+# application_tags = {
+#   "Project Name"  = "PPSI_DICE"
+#   "ProjectNumber" = "FS0000000015"
+#   #  "CostAllocation" = "dice:dev:{subcomponent}"
+#   "CostAllocation" = "dice:dev"
+#   "Organization"   = "census:ocio:dice"
+#   "Environment"    = "development"
+# }
+
+application_tags = {}
diff --git a/examples/full-setup/apps/test-instances/settings.auto.tfvars b/examples/full-setup/apps/test-instances/settings.auto.tfvars
new file mode 100644
index 0000000..4ec4efc
--- /dev/null
+++ b/examples/full-setup/apps/test-instances/settings.auto.tfvars
@@ -0,0 +1 @@
+vpc_domain_name = "qa.dice.census.gov"
diff --git a/examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/variables.peers.auto.tfvars b/examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/variables.peers.auto.tfvars
new file mode 100644
index 0000000..3c7df59
--- /dev/null
+++ b/examples/vpc-additional-peer/peers/peer-alias_peer-region_peer_vpc_name/variables.peers.auto.tfvars
@@ -0,0 +1,13 @@
+# not for self -> do2-govcloud/{east,west}/vpc1-servies
+# https://github.e.it.census.gov/terraform/cloud-information/blob/master/aws/info/peer-nacl-assignments.md
+
+# ma8-gov vpc2-das-dev -> ma10-gov vpc1-das-common
+peer_settings = {
+  name           = "vpc1-das-common"
+  region         = "us-gov-west-1"
+  profile        = "412241963457-ma10-gov"
+  vpc_name       = "das-common"
+  vpc_short_name = "vpc1"
+  vpc_index      = 1
+  rule_number    = 500
+}
diff --git a/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.auto.tfvars b/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.auto.tfvars
new file mode 100644
index 0000000..ea30d7f
--- /dev/null
+++ b/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.auto.tfvars
@@ -0,0 +1,10 @@
+# set this to the correct values for either the SA or prod account.  You must also have acceess to a suitably 
+# privileged IAM profile with this name to the account.
+
+## network-sa
+#network_account_profile = "057445207498-ent-gov-network-sa"
+#tgw_label               = "sa"
+
+# network-prod
+network_account_profile = "057405694017-ent-gov-network-prod"
+tgw_label               = "prod"