diff --git a/flowlogs/README.md b/flowlogs/README.md
index 54a28ae..d2686e9 100644
--- a/flowlogs/README.md
+++ b/flowlogs/README.md
@@ -67,7 +67,9 @@ No modules.
 | <a name="input_flowlog_bucket_arn"></a> [flowlog\_bucket\_arn](#input\_flowlog\_bucket\_arn) | S3 Bucket to hold the VPC flowlogs | `string` | n/a | yes |
 | <a name="input_flowlog_role_arn"></a> [flowlog\_role\_arn](#input\_flowlog\_role\_arn) | IAM Role with proper permissions to allow writing VPC flowlogs to cloudwatch logs and streamss | `string` | n/a | yes |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component. This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
+| <a name="input_private_subnet_ids"></a> [private\_subnet\_ids](#input\_private\_subnet\_ids) | List of private subnet IDs (not objects) | `list(string)` | `[]` | no |
 | <a name="input_private_subnets_ids"></a> [private\_subnets\_ids](#input\_private\_subnets\_ids) | List of private subnet objects including: subnet, label, availability\_zone, id | <pre>list(object({<br>    subnet            = string<br>    label             = string<br>    availability_zone = string<br>    id                = string<br>  }))</pre> | `[]` | no |
+| <a name="input_public_subnet_ids"></a> [public\_subnet\_ids](#input\_public\_subnet\_ids) | List of public subnet IDs (not objects) | `list(string)` | `[]` | no |
 | <a name="input_public_subnets_ids"></a> [public\_subnets\_ids](#input\_public\_subnets\_ids) | List of public subnet objects including: subnet, label, availability\_zone, id | <pre>list(object({<br>    subnet            = string<br>    label             = string<br>    availability_zone = string<br>    id                = string<br>  }))</pre> | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
 | <a name="input_vpc_environment"></a> [vpc\_environment](#input\_vpc\_environment) | VPC environment purpose (infrastructure, common, shared, dev, stage, ite, prod) | `string` | `null` | no |
diff --git a/flowlogs/variables.tf b/flowlogs/variables.tf
index bc52806..ce5367f 100644
--- a/flowlogs/variables.tf
+++ b/flowlogs/variables.tf
@@ -7,3 +7,15 @@ variable "flowlog_role_arn" {
   description = "IAM Role with proper permissions to allow writing VPC flowlogs to cloudwatch logs and streamss"
   type        = string
 }
+
+variable "public_subnet_ids" {
+  description = "List of public subnet IDs (not objects)"
+  type        = list(string)
+  default     = []
+}
+
+variable "private_subnet_ids" {
+  description = "List of private subnet IDs (not objects)"
+  type        = list(string)
+  default     = []
+}