diff --git a/modules/storage/aws-backup/README.md b/modules/storage/aws-backup/README.md
index 692722c..aa2d575 100644
--- a/modules/storage/aws-backup/README.md
+++ b/modules/storage/aws-backup/README.md
@@ -1,4 +1,8 @@
 <!-- This readme file is generated with terraform-docs -->
+# aws-backup
+
+Module to configure AWSBackup service opt in and manage backup settings for typical workloads
+
 ## Requirements
 
 No requirements.
@@ -34,9 +38,10 @@ No modules.
 | daily-backup-cron | Daily backup rule cron expression | `string` | n/a | yes |
 | daily-backup-retention | Daily backup retention period | `number` | n/a | yes |
 | enable-monthly-backup | Enable monthly backup plan | `bool` | `false` | no |
+| enable-vss | Enable VSS for Windows Ec2 | `bool` | `false` | no |
 | monthly-backup-cron | Monthly backup rule cron expression | `string` | `null` | no |
 | monthly-backup-retention | Monthly backup retention period | `number` | `null` | no |
-| service-opt-in | n/a | <pre>map(object({<br/>    enabled = bool<br/>  }))</pre> | <pre>{<br/>  "Aurora": {<br/>    "enabled": false<br/>  },<br/>  "DynamoDB": {<br/>    "enabled": true<br/>  },<br/>  "EBS": {<br/>    "enabled": false<br/>  },<br/>  "EC2": {<br/>    "enabled": true<br/>  },<br/>  "EFS": {<br/>    "enabled": true<br/>  },<br/>  "FSx": {<br/>    "enabled": false<br/>  },<br/>  "RDS": {<br/>    "enabled": true<br/>  },<br/>  "Redshift": {<br/>    "enabled": true<br/>  },<br/>  "S3": {<br/>    "enabled": false<br/>  },<br/>  "VirtualMachine": {<br/>    "enabled": false<br/>  }<br/>}</pre> | no |
+| service-opt-in | If not specified, EC2, RDS, EFS, and S3 are enabled | `map(string)` | <pre>{<br/>  "Aurora": false,<br/>  "CloudFormation": false,<br/>  "DynamoDB": false,<br/>  "EBS": false,<br/>  "EC2": true,<br/>  "EFS": true,<br/>  "EKS": false,<br/>  "FSx": false,<br/>  "Neptune": false,<br/>  "RDS": true,<br/>  "Redshift": false,<br/>  "Redshift Serverless": false,<br/>  "S3": true,<br/>  "SAP HANA on Amazon EC2": false,<br/>  "Storage Gateway": false,<br/>  "VirtualMachine": false<br/>}</pre> | no |
 
 ## Outputs
 
diff --git a/modules/storage/aws-backup/main.tf b/modules/storage/aws-backup/main.tf
index 1441c44..119cec2 100644
--- a/modules/storage/aws-backup/main.tf
+++ b/modules/storage/aws-backup/main.tf
@@ -1,63 +1,66 @@
-# build local data structure
+/**
+* # aws-backup
+*
+* Module to configure AWSBackup service opt in and manage backup settings for typical workloads
+ */
 
 data "aws_caller_identity" "this" {}
 
 locals {
   backup-config = {
     "Aurora" : {
-      enabled    = var.service-opt-in.Aurora.enabled
+      enabled    = var.service-opt-in["Aurora"].enabled
       arn-prefix = "arn:aws:rds:*:*:cluster:*"
     }
     "DynamoDB" : {
-      enabled    = var.service-opt-in.DynamoDB.enabled
+      enabled    = var.service-opt-in["DynamoDB"].enabled
       arn-prefix = "arn:aws:dynamodb:*:*:table/*"
     }
     "EBS" : {
-      enabled    = var.service-opt-in.EBS.enabled
+      enabled    = var.service-opt-in["EBS"].enabled
       arn-prefix = "arn:aws:ec2:*:*:volume/*"
     }
     "EC2" : {
-      enabled    = var.service-opt-in.EC2.enabled
+      enabled    = var.service-opt-in["EC2"].enabled
       arn-prefix = "arn:aws:ec2:*:*:instance/*"
     }
     "EFS" : {
-      enabled    = var.service-opt-in.EFS.enabled
+      enabled    = var.service-opt-in["EFS"].enabled
       arn-prefix = "arn:aws:elasticfilesystem:*:*:file-system/*"
     }
     "FSx" : {
-      enabled    = var.service-opt-in.FSx.enabled
+      enabled    = var.service-opt-in["FSx"].enabled
       arn-prefix = "arn:*:fsx:*"
     }
     "Redshift" : {
-      enabled    = var.service-opt-in.Redshift.enabled
+      enabled    = var.service-opt-in["Redshift"].enabled
       arn-prefix = "arn:aws:redshift:*:*:cluster:*"
     }
     "RDS" : {
-      enabled    = var.service-opt-in.RDS.enabled
+      enabled    = var.service-opt-in["RDS"].enabled
       arn-prefix = "arn:aws:rds:*:*:db:*"
     }
-    # this version can't handle space
-    #     "Storage Gateway" : {
-    #       enabled    = var.opt-in-storagegateway
-    #       arn-prefix = "arn:aws:storagegateway:*:*:gateway/*"
-    #     }
+    "Storage Gateway" : {
+      enabled    = var.service-opt-in["Storage Gateway"].enabled
+      arn-prefix = "arn:aws:storagegateway:*:*:gateway/*"
+    }
     "VirtualMachine" : {
-      enabled    = var.service-opt-in.VirtualMachine.enabled
+      enabled    = var.service-opt-in["VirtualMachine"].enabled
       arn-prefix = "arn:aws:backup-gateway:*:*:vm/*"
     }
     "S3" : {
-      enabled    = var.service-opt-in.S3.enabled
+      enabled    = var.service-opt-in["S3"].enabled
       arn-prefix = "arn:aws:s3:::*"
     }
     "EKS" : {
-      enabled    = var.service-opt-in.EKS.enabled
+      enabled    = var.service-opt-in["EKS"].enabled
       arn-prefix = "arn:aws:eks:*:*:cluster/*"
     }
     "CloudFormation" : {
-      enabled = var.service-opt-in.CloudFormation.enabled
+      enabled = var.service-opt-in["CloudFormation"].enabled
     }
     "Neptune" : {
-      enabled = var.service-opt-in.Neptune.enabled
+      enabled = var.service-opt-in["Neptune"].enabled
     }
     "Redshift Serverless" : {
       enabled = var.service-opt-in["Redshift Serverless"].enabled
@@ -82,7 +85,7 @@ resource "aws_backup_vault" "ab-vault" {
     for k, v in local.backup-config : k
     if v.enabled
   ])
-  name        = "BackupVault-${each.value}"
+  name        = "BackupVault-${trimspace(each.value)}"
   kms_key_arn = var.backup_kms_key
 }
 
@@ -161,12 +164,15 @@ resource "aws_backup_plan" "ab-plan" {
     }
   }
 
-  #   advanced_backup_setting {
-  #     backup_options = {
-  #       WindowsVSS = "enabled"
-  #     }
-  #     resource_type = "EC2"
-  #   }
+  dynamic "advanced_backup_setting" {
+    for_each = var.enable-vss ? [1] : []
+    content {
+      backup_options = {
+        WindowsVSS = "enabled"
+      }
+      resource_type = "EC2"
+    }
+  }
 }
 #
 resource "aws_iam_role" "ab-iam-role" {
diff --git a/modules/storage/aws-backup/variables.tf b/modules/storage/aws-backup/variables.tf
index ac15d9a..a72de2a 100644
--- a/modules/storage/aws-backup/variables.tf
+++ b/modules/storage/aws-backup/variables.tf
@@ -21,58 +21,25 @@ variable "monthly-backup-retention" {
 }
 
 variable "service-opt-in" {
-  type = map(object({
-    enabled = bool
-  }))
+  type        = map(string)
+  description = "If not specified, EC2, RDS, EFS, and S3 are enabled"
   default = {
-    "Aurora" : {
-      enabled = false
-    }
-    "DynamoDB" : {
-      enabled = true
-    }
-    "EBS" : {
-      enabled = false
-    }
-    "EC2" : {
-      enabled = true
-    }
-    "EFS" : {
-      enabled = true
-    }
-    "FSx" : {
-      enabled = false
-    }
-    "Redshift" : {
-      enabled = true
-    }
-    "RDS" : {
-      enabled = true
-    }
-    "VirtualMachine" : {
-      enabled = false
-    }
-    "S3" : {
-      enabled = false
-    }
-    "EKS" : {
-      enabled = false
-    }
-    "CloudFormation" : {
-      enabled = false
-    }
-    "Neptune" : {
-      enabled = false
-    }
-    "Redshift Serverless" : {
-      enabled = false
-    }
-    "SAP HANA on Amazon EC2" : {
-      enabled = false
-    }
-    "Storage Gateway" : {
-      enabled = false
-    }
+    "Aurora" : false,
+    "DynamoDB" : false,
+    "EBS" : false,
+    "EC2" : true,
+    "EFS" : true,
+    "FSx" : false,
+    "Redshift" : false,
+    "RDS" : true,
+    "VirtualMachine" : false,
+    "S3" : true,
+    "EKS" : false,
+    "CloudFormation" : false,
+    "Neptune" : false,
+    "Redshift Serverless" : false,
+    "SAP HANA on Amazon EC2" : false,
+    "Storage Gateway" : false
   }
 }
 
@@ -86,4 +53,10 @@ variable "enable-monthly-backup" {
   description = "Enable monthly backup plan"
   type        = bool
   default     = false
+}
+
+variable "enable-vss" {
+  type        = bool
+  description = "Enable VSS for Windows Ec2"
+  default     = false
 }
\ No newline at end of file