diff --git a/modules/compute/ec2/README.md b/modules/compute/ec2/README.md
new file mode 100644
index 0000000..ce21816
--- /dev/null
+++ b/modules/compute/ec2/README.md
@@ -0,0 +1,45 @@
+# ec2 module
+This module deploys EC2 instance.
+
+# Input
+Below is a sample config in the root module, which shows all of the inputs
+```
+module "deployer-ec2" {
+ source = "../../../../whk1-bea-sys-ss-dev-codecommit-sharedmodules/Compute/ec2"
+
+ ami-id = data.aws_ami.al2-ami.id
+ asso-eip = false
+ asso-public-ip = false
+ default-tags = local.default_tags
+ ebs-encrypted = true
+ instance-name = "whk1-bea-sys-ss-${var.environment}-test"
+ instance-type = "t3.micro"
+ key-name = aws_key_pair.deployer-sshkey.key_name
+ kms-key-id = var.kms-key-arn
+ root-volume-size = "15"
+ security-groups = [aws_security_group.deployer-sg.id]
+ subnet-id = var.subnet-id
+ instance-profile = "example-instanec-profile"
+ additional_tags = {
+ "AwsBackup" : "Daily14"
+ "ssm-patching" : "group1"
+ }
+ data-volumes = {
+ volume1 = {
+ size : "10"
+ type : "gp3"
+ }
+ }
+}
+```
+
+# Outputs
+| Name | Value |
+| - | - |
+| instance-id | Instance ID |
+| private-ip | Private IP of instance |
+
+# Limitation
+Up to 26 data volumes can be attached to the ec2 instance. To attach even more volumes, please do it in
+your root module
+
diff --git a/modules/compute/ec2/main.tf b/modules/compute/ec2/main.tf
index 893725a..382102a 100644
--- a/modules/compute/ec2/main.tf
+++ b/modules/compute/ec2/main.tf
@@ -5,10 +5,13 @@ resource "aws_instance" "ec2-instance" {
 // availability_zone = var.az
 iam_instance_profile = var.instance-profile
 key_name = var.key-name
+ private_ip = var.private-ip
 root_block_device {
- encrypted = var.ebs-encrypted
- volume_size = var.root-volume-size
- volume_type = var.root-volume-type
+ encrypted = var.ebs-encrypted
+ volume_size = var.root-volume-size
+ volume_type = var.root-volume-type
+ kms_key_id = var.kms-key-id
+ delete_on_termination = var.delete-on-termination
 }
 ebs_optimized = true
 subnet_id = var.subnet-id
@@ -21,6 +24,30 @@ resource "aws_instance" "ec2-instance" {
 )
 }

+resource "aws_ebs_volume" "data-volumes" {
+ for_each = var.data-volumes
+ availability_zone = aws_instance.ec2-instance.availability_zone
+ size = each.value["size"]
+ type = each.value["type"]
+ kms_key_id = aws_instance.ec2-instance.root_block_device[0].kms_key_id
+ encrypted = aws_instance.ec2-instance.root_block_device[0].encrypted
+ tags = merge(var.default-tags, { "Name" : "${var.instance-name}-${each.key}" })
+}
+
+locals {
+ # limited to 26 volumes
+ a_to_z = split(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z")
+}
+
+
+resource "aws_volume_attachment" "data-volume-attachments" {
+ count = length(aws_ebs_volume.data-volumes)
+ volume_id = [for v in aws_ebs_volume.data-volumes : v.id][count.index]
+ instance_id = aws_instance.ec2-instance.id
+ device_name = "/dev/xvda${element(local.a_to_z, count.index)}"
+}
+
+
 resource "aws_eip" "ec2-eip" {
 count = var.asso-eip ? 1 : 0
 instance = aws_instance.ec2-instance.id
diff --git a/modules/compute/ec2/outputs.tf b/modules/compute/ec2/outputs.tf
index 5f8b258..8c6a9aa 100644
--- a/modules/compute/ec2/outputs.tf
+++ b/modules/compute/ec2/outputs.tf
@@ -4,3 +4,10 @@ output ec2-id-ip {
 private-ip = aws_instance.ec2-instance.private_ip
 }
 }
+output instance-id {
+ value = aws_instance.ec2-instance.id
+}
+
+output private-ip {
+ value = aws_instance.ec2-instance.private_ip
+}
\ No newline at end of file
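Review bot: `kms_key_id = var.kms-key-id` is now always set on the root volume while `encrypted = var.ebs-encrypted` stays caller-controlled, so a caller passing `ebs-encrypted = false` together with a key produces a combination the EC2 API is likely to reject (or ignore) at apply time rather than at plan time; a `precondition` on the resource such as `condition = !(var.kms-key-id != "" && !var.ebs-encrypted)` with a message naming both inputs would fail the plan instead. The `aws_instance` body starts and ends outside this hunk, so it is not visible whether `metadata_options` is set anywhere; if it is not, the instance still answers IMDSv1, and adding `metadata_options {` / `http_tokens = "required"` / `}` next to `ebs_optimized = true` is a cheap hardening default for a shared module. Neither point is addressed by the lines added here.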
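Review bot: `aws_volume_attachment.data-volume-attachments` uses `count` over a map that `aws_ebs_volume.data-volumes` iterates with `for_each`, so `count.index` positions come from the sorted keys of `var.data-volumes`; adding or removing a key that sorts before an existing one shifts every later index, and a single apply then detaches live data volumes and re-attaches them under different device names. Driving the attachment with `for_each` on the same map and deriving the letter from the key itself (or letting the caller pin a `device_name`) keeps each attachment's identity stable across changes. Separately, the `/dev/xvda${...}` prefix yields `/dev/xvdaa`, `/dev/xvdab`, …, which is not the `/dev/sd[f-p]`/`/dev/xvd[f-p]` range AWS documents as recommended for EBS data volumes on HVM instances; worth confirming against the target AMI before relying on it. The `# limited to 26 volumes` comment and the README limitation would still hold with the rewrite below.
```hcl
resource "aws_volume_attachment" "data-volume-attachments" {
  for_each = aws_ebs_volume.data-volumes

  volume_id   = each.value.id
  instance_id = aws_instance.ec2-instance.id
  # A caller-supplied device_name wins; otherwise the letter comes from the key's
  # position in the sorted key list, so an existing key keeps its device unless an
  # earlier-sorting key is added (count.index would shift on any key change).
  device_name = lookup(
    var.data-volumes[each.key],
    "device_name",
    "/dev/xvda${element(local.a_to_z, index(sort(keys(var.data-volumes)), each.key))}",
  )
}
```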
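Review bot: The new `instance-id` and `private-ip` outputs expose the same two values that the existing `ec2-id-ip` output already carries, so consumers now have two ways to read them with nothing saying which is canonical; if the map form is meant to be retired, a `description = "Deprecated: use instance-id and private-ip"` on `ec2-id-ip` (whose block starts outside this hunk) would make that explicit. The new output labels are also unquoted (`output instance-id {`) while this same commit quotes every label in variable.tf; `output "instance-id" {` and `output "private-ip" {` keep the module's files consistent, and a `description` on each would let `terraform-docs` render the README table from source.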
diff --git a/modules/compute/ec2/variable.tf b/modules/compute/ec2/variable.tf
index 5afd27f..bf75f01 100644
--- a/modules/compute/ec2/variable.tf
+++ b/modules/compute/ec2/variable.tf
@@ -1,25 +1,35 @@
-variable instance-type {}
-variable ami-id {}
-variable asso-public-ip {}
+variable "instance-type" {}
+variable "ami-id" {}
+variable "asso-public-ip" {}
 // variable az {}
-variable instance-profile {
- type = string
+variable "instance-profile" {
+ type = string
 default = ""
 }
-variable key-name {}
-variable ebs-encrypted {}
-variable root-volume-size {}
-variable root-volume-type {
- type = string
+variable "key-name" {}
+variable "ebs-encrypted" {}
+variable "root-volume-size" {}
+variable "root-volume-type" {
+ type = string
 default = "gp3"
 }
-variable subnet-id {}
-variable security-groups {
- type = list
+variable "kms-key-id" {}
+variable "delete-on-termination" {
+ type = bool
+ default = true
 }
-variable instance-name {}
-variable additional_tags {}
-variable asso-eip {
+variable "subnet-id" {}
+variable "security-groups" {
+ type = list(any)
+}
+variable "instance-name" {}
+variable "additional_tags" {}
+variable "asso-eip" {
 type = bool
 }
-variable default-tags {}
\ No newline at end of file
+variable "default-tags" {}
+variable "data-volumes" {}
+variable "private-ip" {
+ type = string
+ default = null
 }
\ No newline at end of file
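Review bot: `variable "kms-key-id" {}` and `variable "data-volumes" {}` are added, and `variable "ebs-encrypted" {}` kept, without a type or description, so a wrong value (a non-boolean `ebs-encrypted`, a `data-volumes` entry missing `size`) only surfaces when main.tf dereferences it, and callers get no stated contract for the input that decides whether volumes are encrypted and with which key. The block below types all three and documents `kms-key-id`; `map(map(string))` is chosen for `data-volumes` so the README's `size : "10"` style keeps working (Terraform converts the string to a number where the provider expects one) and extra per-entry keys remain possible. `security-groups` could likewise be tightened from `list(any)` to `type = list(string)`, since the README shows it carries security group IDs.
```hcl
variable "ebs-encrypted" {
  description = "Encrypt the root volume and every data volume created by this module"
  type        = bool
}
variable "kms-key-id" {
  description = "ARN of the KMS key used for the root volume and, via root_block_device, every data volume; pair it with ebs-encrypted = true"
  type        = string
}
variable "data-volumes" {
  description = "Data volumes to create and attach, keyed by a short name; each entry needs size (GiB) and type"
  type        = map(map(string))
  default     = {}
}
```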