diff --git a/CHANGELOG.md b/CHANGELOG.md
index 259196fb6..be565c8cd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,17 @@
 # Release Notes
 
 
+## Version 0.28.0
+**Release Date**: 20th October 2021
+### Features
+1. User / Groups View added
+    1. Allow the creation / definition of local Users
+    2. Allow the creation / definition of OCI Groups
+2. Bastion as a Service functionality added to main design canvas.
+### Bug Fixes
+1. Add missing policy documentation to export to markdown.
+
+
 ## Version 0.27.1
 **Release Date**: 1st October 2021
 ### Bug Fixes
diff --git a/okitweb/static/okit/css/okit_console.css b/okitweb/static/okit/css/okit_console.css
index 0ff0b79bb..9e1b36fe4 100644
--- a/okitweb/static/okit/css/okit_console.css
+++ b/okitweb/static/okit/css/okit_console.css
@@ -108,9 +108,11 @@ summary:focus {
 }
 
 .hidden {
-    visibility: hidden;
+    position: absolute;
     display: none;
+    visibility: hidden;
     max-height: 0;
+    max-width: 0;
 }
 
 .okit-pointer-cursor {
diff --git a/okitweb/static/okit/js/okit.js b/okitweb/static/okit/js/okit.js
index 6734aa5b5..b9280e5c2 100644
--- a/okitweb/static/okit/js/okit.js
+++ b/okitweb/static/okit/js/okit.js
@@ -406,7 +406,7 @@ class OkitSettings {
         this.highlight_association = true;
         this.show_label = 'none';
         this.tooltip_type = 'simple';
-        this.name_prefix = 'okit-';
+        this.name_prefix = 'okit';
         this.auto_save = false;
         this.show_ocids = false;
         this.validate_markdown = true;
diff --git a/okitweb/static/okit/js/okit_designer_generation.js b/okitweb/static/okit/js/okit_designer_generation.js
index 4447938f3..eb0a6d2f7 100644
--- a/okitweb/static/okit/js/okit_designer_generation.js
+++ b/okitweb/static/okit/js/okit_designer_generation.js
@@ -444,7 +444,7 @@ function exportToResourceManager() {
         create_or_update: $('input[name=create_update_toggle]:checked').val(),
         plan_or_apply: $('input[name=plan_apply_toggle]:checked').val()
     };
-    console.info('Resource Manager Options : ' + JSON.stringify(request_json));
+    // console.info('Resource Manager Options : ' + JSON.stringify(request_json));
     hideNavMenu();
     setBusyIcon();
     $(jqId('modal_dialog_progress')).removeClass('hidden');
diff --git a/okitweb/static/okit/model/js/artefacts/bastion.js b/okitweb/static/okit/model/js/artefacts/bastion.js
new file mode 100644
index 000000000..dd5a5eeda
--- /dev/null
+++ b/okitweb/static/okit/model/js/artefacts/bastion.js
@@ -0,0 +1,76 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Bastion Javascript');
+
+/*
+** Define Bastion Class
+*/
+class Bastion extends OkitArtifact {
+    /*
+    ** Create
+    */
+    constructor (data={}, okitjson={}) {
+        super(okitjson);
+        // Configure default values
+        // # Required
+        this.display_name = this.generateDefaultName(okitjson.bastions.length + 1);
+        this.compartment_id = '';
+        this.bastion_type = 'STANDARD';
+        this.target_subnet_id = '';
+        // # Optional
+        this.client_cidr_block_allow_list = [];
+        this.max_session_ttl_in_seconds = 180 * 60;
+        this.phone_book_entry = '';
+        this.static_jump_host_ip_addresses = '';
+        // Update with any passed data
+        this.merge(data);
+        this.convert();
+        // Expose subnet_id at the top level
+        Object.defineProperty(this, 'subnet_id', {get: function() {return this.target_subnet_id;}, set: function(id) {this.target_subnet_id = id;}, enumerable: false });
+    }
+    /*
+    ** Clone Functionality
+    */
+    clone() {
+        return new Bastion(JSON.clone(this), this.getOkitJson());
+    }
+    /*
+    ** Name Generation
+    */
+    getNamePrefix() {
+        return super.getNamePrefix() + 'b';
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return 'Bastion';
+    }
+}
+/*
+** Dynamically Add Model Functions
+*/
+OkitJson.prototype.newBastion = function(data) {
+    this.getBastions().push(new Bastion(data, this));
+    return this.getBastions()[this.getBastions().length - 1];
+}
+OkitJson.prototype.getBastions = function() {
+    if (!this.bastions) {
+        this.bastions = [];
+    }
+    return this.bastions;
+}
+OkitJson.prototype.getBastion = function(id='') {
+    for (let artefact of this.getBastions()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+return undefined;
+}
+OkitJson.prototype.deleteBastion = function(id) {
+    this.bastions = this.bastions ? this.bastions.filter((r) => r.id !== id) : []
+}
+
diff --git a/okitweb/static/okit/model/js/artefacts/key.js b/okitweb/static/okit/model/js/artefacts/key.js
new file mode 100644
index 000000000..c427e1f54
--- /dev/null
+++ b/okitweb/static/okit/model/js/artefacts/key.js
@@ -0,0 +1,72 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Key Javascript');
+
+/*
+** Define Key Class
+*/
+class Key extends OkitArtifact {
+    /*
+    ** Create
+    */
+    constructor (data={}, okitjson={}) {
+        super(okitjson);
+        // Configure default values
+        this.display_name = this.generateDefaultName(okitjson.keys.length + 1);
+        this.compartment_id = data.parent_id;
+        /*
+        ** TODO: Add Resource / Artefact specific parameters and default
+        */
+        // Update with any passed data
+        this.merge(data);
+        this.convert();
+        // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+        // Expose subnet_id at the top level
+        Object.defineProperty(this, 'subnet_id', {get: function() {return this.primary_mount_target.subnet_id;}, set: function(id) {this.primary_mount_target.subnet_id = id;}, enumerable: false });
+    }
+    /*
+    ** Clone Functionality
+    */
+    clone() {
+        return new Key(JSON.clone(this), this.getOkitJson());
+    }
+    /*
+    ** Name Generation
+    */
+    getNamePrefix() {
+        return super.getNamePrefix() + 'k';
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return 'Key';
+    }
+}
+/*
+** Dynamically Add Model Functions
+*/
+OkitJson.prototype.newKey = function(data) {
+    this.getKeys().push(new Key(data, this));
+    return this.getKeys()[this.getKeys().length - 1];
+}
+OkitJson.prototype.getKeys = function() {
+    if (!this.keys) {
+        this.keys = [];
+    }
+    return this.keys;
+}
+OkitJson.prototype.getKey = function(id='') {
+    for (let artefact of this.getKeys()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+return undefined;
+}
+OkitJson.prototype.deleteKey = function(id) {
+    this.keys = this.keys ? this.keys.filter((r) => r.id !== id) : []
+}
+
diff --git a/okitweb/static/okit/model/js/artefacts/network_load_balancer.js b/okitweb/static/okit/model/js/artefacts/network_load_balancer.js
new file mode 100644
index 000000000..3f51fb7d8
--- /dev/null
+++ b/okitweb/static/okit/model/js/artefacts/network_load_balancer.js
@@ -0,0 +1,72 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Network Load Balancer Javascript');
+
+/*
+** Define Network Load Balancer Class
+*/
+class NetworkLoadBalancer extends OkitArtifact {
+    /*
+    ** Create
+    */
+    constructor (data={}, okitjson={}) {
+        super(okitjson);
+        // Configure default values
+        this.display_name = this.generateDefaultName(okitjson.network_load_balancers.length + 1);
+        this.compartment_id = data.parent_id;
+        /*
+        ** TODO: Add Resource / Artefact specific parameters and default
+        */
+        // Update with any passed data
+        this.merge(data);
+        this.convert();
+        // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+        // Expose subnet_id at the top level
+        Object.defineProperty(this, 'subnet_id', {get: function() {return this.primary_mount_target.subnet_id;}, set: function(id) {this.primary_mount_target.subnet_id = id;}, enumerable: false });
+    }
+    /*
+    ** Clone Functionality
+    */
+    clone() {
+        return new NetworkLoadBalancer(JSON.clone(this), this.getOkitJson());
+    }
+    /*
+    ** Name Generation
+    */
+    getNamePrefix() {
+        return super.getNamePrefix() + 'nlb';
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return 'Network Load Balancer';
+    }
+}
+/*
+** Dynamically Add Model Functions
+*/
+OkitJson.prototype.newNetworkLoadBalancer = function(data) {
+    this.getNetworkLoadBalancers().push(new NetworkLoadBalancer(data, this));
+    return this.getNetworkLoadBalancers()[this.getNetworkLoadBalancers().length - 1];
+}
+OkitJson.prototype.getNetworkLoadBalancers = function() {
+    if (!this.network_load_balancers) {
+        this.network_load_balancers = [];
+    }
+    return this.network_load_balancers;
+}
+OkitJson.prototype.getNetworkLoadBalancer = function(id='') {
+    for (let artefact of this.getNetworkLoadBalancers()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+return undefined;
+}
+OkitJson.prototype.deleteNetworkLoadBalancer = function(id) {
+    this.network_load_balancers = this.network_load_balancers ? this.network_load_balancers.filter((r) => r.id !== id) : []
+}
+
diff --git a/okitweb/static/okit/model/js/artefacts/nosql_database.js b/okitweb/static/okit/model/js/artefacts/nosql_database.js
new file mode 100644
index 000000000..07354c27d
--- /dev/null
+++ b/okitweb/static/okit/model/js/artefacts/nosql_database.js
@@ -0,0 +1,72 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded NoSQL Database Javascript');
+
+/*
+** Define NoSQL Database Class
+*/
+class NoSQLDatabase extends OkitArtifact {
+    /*
+    ** Create
+    */
+    constructor (data={}, okitjson={}) {
+        super(okitjson);
+        // Configure default values
+        this.display_name = this.generateDefaultName(okitjson.nosql_databases.length + 1);
+        this.compartment_id = data.parent_id;
+        /*
+        ** TODO: Add Resource / Artefact specific parameters and default
+        */
+        // Update with any passed data
+        this.merge(data);
+        this.convert();
+        // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+        // Expose subnet_id at the top level
+        Object.defineProperty(this, 'subnet_id', {get: function() {return this.primary_mount_target.subnet_id;}, set: function(id) {this.primary_mount_target.subnet_id = id;}, enumerable: false });
+    }
+    /*
+    ** Clone Functionality
+    */
+    clone() {
+        return new NoSQLDatabase(JSON.clone(this), this.getOkitJson());
+    }
+    /*
+    ** Name Generation
+    */
+    getNamePrefix() {
+        return super.getNamePrefix() + 'nd';
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return 'NoSQL Database';
+    }
+}
+/*
+** Dynamically Add Model Functions
+*/
+OkitJson.prototype.newNoSQLDatabase = function(data) {
+    this.getNoSQLDatabases().push(new NoSQLDatabase(data, this));
+    return this.getNoSQLDatabases()[this.getNoSQLDatabases().length - 1];
+}
+OkitJson.prototype.getNoSQLDatabases = function() {
+    if (!this.nosql_databases) {
+        this.nosql_databases = [];
+    }
+    return this.nosql_databases;
+}
+OkitJson.prototype.getNoSQLDatabase = function(id='') {
+    for (let artefact of this.getNoSQLDatabases()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+return undefined;
+}
+OkitJson.prototype.deleteNoSQLDatabase = function(id) {
+    this.nosql_databases = this.nosql_databases ? this.nosql_databases.filter((r) => r.id !== id) : []
+}
+
diff --git a/okitweb/static/okit/model/js/artefacts/vault.js b/okitweb/static/okit/model/js/artefacts/vault.js
new file mode 100644
index 000000000..46c4691a8
--- /dev/null
+++ b/okitweb/static/okit/model/js/artefacts/vault.js
@@ -0,0 +1,72 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Vault Javascript');
+
+/*
+** Define Vault Class
+*/
+class Vault extends OkitArtifact {
+    /*
+    ** Create
+    */
+    constructor (data={}, okitjson={}) {
+        super(okitjson);
+        // Configure default values
+        this.display_name = this.generateDefaultName(okitjson.vaults.length + 1);
+        this.compartment_id = data.parent_id;
+        /*
+        ** TODO: Add Resource / Artefact specific parameters and default
+        */
+        // Update with any passed data
+        this.merge(data);
+        this.convert();
+        // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+        // Expose subnet_id at the top level
+        Object.defineProperty(this, 'subnet_id', {get: function() {return this.primary_mount_target.subnet_id;}, set: function(id) {this.primary_mount_target.subnet_id = id;}, enumerable: false });
+    }
+    /*
+    ** Clone Functionality
+    */
+    clone() {
+        return new Vault(JSON.clone(this), this.getOkitJson());
+    }
+    /*
+    ** Name Generation
+    */
+    getNamePrefix() {
+        return super.getNamePrefix() + 'v';
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return 'Vault';
+    }
+}
+/*
+** Dynamically Add Model Functions
+*/
+OkitJson.prototype.newVault = function(data) {
+    this.getVaults().push(new Vault(data, this));
+    return this.getVaults()[this.getVaults().length - 1];
+}
+OkitJson.prototype.getVaults = function() {
+    if (!this.vaults) {
+        this.vaults = [];
+    }
+    return this.vaults;
+}
+OkitJson.prototype.getVault = function(id='') {
+    for (let artefact of this.getVaults()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+return undefined;
+}
+OkitJson.prototype.deleteVault = function(id) {
+    this.vaults = this.vaults ? this.vaults.filter((r) => r.id !== id) : []
+}
+
diff --git a/okitweb/static/okit/model/js/okit_model.js b/okitweb/static/okit/model/js/okit_model.js
index 69f04628c..5708b57e7 100644
--- a/okitweb/static/okit/model/js/okit_model.js
+++ b/okitweb/static/okit/model/js/okit_model.js
@@ -1213,7 +1213,7 @@ class OkitArtifact {
     }
 
     getNamePrefix() {
-        return okitSettings ? okitSettings.name_prefix : 'okit-';
+        return okitSettings ? okitSettings.name_prefix : 'okit';
     }
 
     getAvailabilityDomainNumber(availability_domain) {
diff --git a/okitweb/static/okit/palette/palette.json b/okitweb/static/okit/palette/palette.json
index 310b5a9e0..747729b9e 100644
--- a/okitweb/static/okit/palette/palette.json
+++ b/okitweb/static/okit/palette/palette.json
@@ -57,6 +57,16 @@
                     "targets": ["oci"],
                     "svg": "MySQLDatabaseServiceMDS.svg"
                 },
+                {
+                    "title": "NoSQL Database",
+                    "targets": ["oci", "hidden"],
+                    "svg": "NoSQLDatabase.svg"
+                },
+                {
+                    "title": "Autonomous Data Warehouse Cloud Service",
+                    "targets": ["hidden"],
+                    "svg": "AutonomousDataWarehouseCloudService.svg"
+                },
                 {
                     "title": "Exadata Database System",
                     "targets": ["hidden"],
@@ -73,6 +83,11 @@
                     "targets": ["oci"],
                     "svg": "LoadBalancerLB.svg"
                 },
+                {
+                    "title": "NetworkLoad Balancer",
+                    "targets": ["oci", "hidden"],
+                    "svg": "NetworkLoadBalancerLB.svg"
+                },
                 {
                     "title": "Virtual Cloud Network",
                     "targets": ["oci", "free tier", "pca"],
@@ -176,10 +191,25 @@
             "title": "Identity",
             "svg": "identity.svg",
             "resources": [
+                {
+                    "title": "Bastion",
+                    "targets": ["oci", "pca"],
+                    "svg": "Bastion.svg"
+                },
                 {
                     "title": "Policy",
                     "targets": ["oci", "pca"],
                     "svg": "Policies.svg"
+                },
+                {
+                    "title": "Vault",
+                    "targets": ["oci", "pca", "hidden"],
+                    "svg": "KeyVault.svg"
+                },
+                {
+                    "title": "Key",
+                    "targets": ["oci", "pca", "hidden"],
+                    "svg": "KeyManagement.svg"
                 }
             ]
         }
diff --git a/okitweb/static/okit/palette/svg/Autonomous-Transaction-Processing-ATP.svg b/okitweb/static/okit/palette/svg/AutonomousTransactionProcessingATP.svg
similarity index 100%
rename from okitweb/static/okit/palette/svg/Autonomous-Transaction-Processing-ATP.svg
rename to okitweb/static/okit/palette/svg/AutonomousTransactionProcessingATP.svg
diff --git a/okitweb/static/okit/palette/svg/Bastion.svg b/okitweb/static/okit/palette/svg/Bastion.svg
new file mode 100644
index 000000000..db39be846
--- /dev/null
+++ b/okitweb/static/okit/palette/svg/Bastion.svg
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 24.0.2, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 40.23 40.23" style="enable-background:new 0 0 40.23 40.23;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FFFFFF;}
+	.st1{fill:none;}
+	.st2{fill:#2C5967;}
+</style>
+<g>
+	<g>
+		<path class="st0" d="M2.59,39.73c-1.15,0-2.09-0.94-2.09-2.09V2.59c0-1.15,0.94-2.09,2.09-2.09h35.04c1.15,0,2.09,0.94,2.09,2.09
+			v35.04c0,1.15-0.94,2.09-2.09,2.09H2.59z"/>
+		<path class="st0" d="M37.64,1c0.88,0,1.59,0.71,1.59,1.59v35.04c0,0.88-0.71,1.59-1.59,1.59H2.59C1.71,39.23,1,38.52,1,37.64V2.59
+			C1,1.71,1.71,1,2.59,1H37.64 M37.64,0H2.59C1.16,0,0,1.16,0,2.59v35.04c0,1.43,1.16,2.59,2.59,2.59h35.04
+			c1.43,0,2.59-1.16,2.59-2.59V2.59C40.23,1.16,39.07,0,37.64,0L37.64,0z"/>
+	</g>
+	<g>
+		<rect x="6.66" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="14.1" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="9.14" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<path class="st1" d="M33.57,27.73H6.66v5.66h26.9V27.73z M30.38,31.62c-0.59,0-1.06-0.48-1.06-1.06c0-0.59,0.48-1.06,1.06-1.06
+			c0.59,0,1.06,0.48,1.06,1.06C31.44,31.14,30.97,31.62,30.38,31.62z"/>
+		<rect x="11.62" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="16.58" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="11.62" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="16.58" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="9.14" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="30.03" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="14.1" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="6.66" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="27.55" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="32.5" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="25.07" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="30.03" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="27.55" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<path class="st1" d="M37.64,2.42H2.59c-0.1,0-0.18,0.08-0.18,0.18v35.04c0,0.1,0.08,0.18,0.18,0.18h35.04
+			c0.1,0,0.18-0.08,0.18-0.18V2.59C37.81,2.5,37.73,2.42,37.64,2.42z M5.25,5.25h13.81v8.5H5.25V5.25z M5.25,15.87h13.81v8.5H5.25
+			V15.87z M34.98,34.81H5.25v-8.5h29.73V34.81z M34.98,24.36H21.18v-8.5h13.81V24.36z M34.98,13.74H21.18v-8.5h13.81V13.74z"/>
+		<rect x="22.59" y="6.66" class="st1" width="1.06" height="5.66"/>
+		<rect x="32.5" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="25.07" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<rect x="22.59" y="17.28" class="st1" width="1.06" height="5.66"/>
+		<path class="st2" d="M37.64,1H2.59C1.71,1,1,1.71,1,2.59v35.04c0,0.88,0.71,1.59,1.59,1.59h35.04c0.88,0,1.59-0.71,1.59-1.59V2.59
+			C39.23,1.71,38.52,1,37.64,1z M37.81,37.64c0,0.1-0.08,0.18-0.18,0.18H2.59c-0.1,0-0.18-0.08-0.18-0.18V2.59
+			c0-0.1,0.08-0.18,0.18-0.18h35.04c0.1,0,0.18,0.08,0.18,0.18V37.64z"/>
+		<path class="st2" d="M5.25,34.81h29.73v-8.5H5.25V34.81z M6.66,27.73h26.9v5.66H6.66V27.73z"/>
+		<circle class="st2" cx="30.38" cy="30.56" r="1.06"/>
+		<path class="st2" d="M19.05,5.25H5.25v8.5h13.81V5.25z M11.62,6.66h1.06v5.66h-1.06V6.66z M10.2,12.33H9.14V6.66h1.06V12.33z
+			 M14.1,6.66h1.06v5.66H14.1V6.66z M6.66,6.66h1.06v5.66H6.66V6.66z M17.64,12.33h-1.06V6.66h1.06V12.33z"/>
+		<path class="st2" d="M21.18,13.74h13.81v-8.5H21.18V13.74z M28.61,12.33h-1.06V6.66h1.06V12.33z M30.03,6.66h1.06v5.66h-1.06V6.66
+			z M26.13,12.33h-1.06V6.66h1.06V12.33z M33.57,12.33H32.5V6.66h1.06V12.33z M22.59,6.66h1.06v5.66h-1.06V6.66z"/>
+		<path class="st2" d="M19.05,15.87H5.25v8.5h13.81V15.87z M11.62,17.28h1.06v5.66h-1.06V17.28z M10.2,22.95H9.14v-5.66h1.06V22.95z
+			 M14.1,17.28h1.06v5.66H14.1V17.28z M6.66,17.28h1.06v5.66H6.66V17.28z M17.64,22.95h-1.06v-5.66h1.06V22.95z"/>
+		<path class="st2" d="M21.18,24.36h13.81v-8.5H21.18V24.36z M28.61,22.95h-1.06v-5.66h1.06V22.95z M30.03,17.28h1.06v5.66h-1.06
+			V17.28z M26.13,22.95h-1.06v-5.66h1.06V22.95z M33.57,22.95H32.5v-5.66h1.06V22.95z M22.59,17.28h1.06v5.66h-1.06V17.28z"/>
+	</g>
+</g>
+</svg>
diff --git a/okitweb/static/okit/palette/svg/NoSQL-Database.svg b/okitweb/static/okit/palette/svg/NoSQLDatabase.svg
similarity index 100%
rename from okitweb/static/okit/palette/svg/NoSQL-Database.svg
rename to okitweb/static/okit/palette/svg/NoSQLDatabase.svg
diff --git a/okitweb/static/okit/view/designer/js/artefacts/autonomous_database.js b/okitweb/static/okit/view/designer/js/artefacts/autonomous_database.js
index e57af310f..d0f07ec79 100644
--- a/okitweb/static/okit/view/designer/js/artefacts/autonomous_database.js
+++ b/okitweb/static/okit/view/designer/js/artefacts/autonomous_database.js
@@ -13,6 +13,7 @@ class AutonomousDatabaseView extends OkitDesignerArtefactView {
     }
 
     // -- Reference
+    get icon_definition_id() {return this.db_workload.startsWith('DW') ? OkitJsonView.toSvgIconDef('AutonomousDataWarehouseCloudService') : super.icon_definition_id;}
     get parent_id() {
         let subnet = this.getJsonView().getSubnet(this.artefact.subnet_id);
         if (subnet && subnet.compartment_id === this.artefact.compartment_id) {
diff --git a/okitweb/static/okit/view/designer/js/artefacts/bastion.js b/okitweb/static/okit/view/designer/js/artefacts/bastion.js
new file mode 100644
index 000000000..b50bca983
--- /dev/null
+++ b/okitweb/static/okit/view/designer/js/artefacts/bastion.js
@@ -0,0 +1,168 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Bastion View Javascript');
+
+/*
+** Define Bastion View Class
+*/
+class BastionView extends OkitArtefactView {
+    constructor(artefact=null, json_view) {
+        if (!json_view.bastions) json_view.bastions = [];
+        super(artefact, json_view);
+    }
+    // -- Reference
+    get parent_id() {
+        let primary_subnet = this.getJsonView().getSubnet(this.subnet_id);
+        if (primary_subnet && primary_subnet.compartment_id === this.artefact.compartment_id) {
+            return this.subnet_id;
+        } else {
+            return this.compartment_id;
+        }
+    }
+    get parent() {return this.getJsonView().getSubnet(this.parent_id) ? this.getJsonView().getSubnet(this.parent_id) : this.getJsonView().getCompartment(this.parent_id);}
+    // Direct Subnet Access
+    get subnet_id() {return this.artefact.target_subnet_id;}
+    set subnet_id(id) {this.artefact.target_subnet_id = id;}
+    /*
+    ** SVG Processing
+    */
+    /*
+    ** Property Sheet Load function
+    */
+    loadProperties() {
+        const self = this;
+        $(jqId(PROPERTIES_PANEL)).load("propertysheets/bastion.html", () => {loadPropertiesSheet(self.artefact);});
+    }
+    /*
+    ** Load and display Value Proposition
+    */
+    loadValueProposition() {
+        $(jqId(VALUE_PROPOSITION_PANEL)).load("valueproposition/bastion.html");
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return Bastion.getArtifactReference();
+    }
+    static getDropTargets() {
+        return [Compartment.getArtifactReference(), Subnet.getArtifactReference()];
+    }
+}
+/*
+** Dynamically Add View Functions
+*/
+OkitJsonView.prototype.dropBastionView = function(target) {
+    let view_artefact = this.newBastion();
+    if (target.type === Subnet.getArtifactReference()) {
+        view_artefact.getArtefact().target_subnet_id = target.id;
+        view_artefact.getArtefact().compartment_id = target.compartment_id;
+    } else if (target.type === Compartment.getArtifactReference()) {
+        view_artefact.getArtefact().compartment_id = target.id;
+}
+    view_artefact.recalculate_dimensions = true;
+    return view_artefact;
+}
+OkitJsonView.prototype.newBastion = function(obj) {
+    this.getBastions().push(obj ? new BastionView(obj, this) : new BastionView(this.okitjson.newBastion(), this));
+    return this.getBastions()[this.getBastions().length - 1];
+}
+OkitJsonView.prototype.getBastions = function() {
+    if (!this.bastions) {
+        this.bastions = [];
+    }
+    return this.bastions;
+}
+OkitJsonView.prototype.getBastion = function(id='') {
+    for (let artefact of this.getBastions()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+    return undefined;
+}
+OkitJsonView.prototype.loadBastions = function(bastions) {
+    for (const artefact of bastions) {
+        this.getBastions().push(new BastionView(new Bastion(artefact, this.okitjson), this));
+    }
+}
+OkitJsonView.prototype.moveBastion = function(id) {
+    // Build Dialog
+    const self = this;
+    let bastion = this.getBastion(id);
+    $(jqId('modal_dialog_title')).text('Move ' + bastion.display_name);
+    $(jqId('modal_dialog_body')).empty();
+    $(jqId('modal_dialog_footer')).empty();
+    const table = d3.select(d3Id('modal_dialog_body')).append('div')
+        .attr('class', 'table okit-table');
+    const tbody = table.append('div')
+        .attr('class', 'tbody');
+    // Subnet
+    let tr = tbody.append('div')
+        .attr('class', 'tr');
+    tr.append('div')
+        .attr('class', 'td')
+        .text('Subnet');
+    tr.append('div')
+        .attr('class', 'td')
+        .append('select')
+        .attr('id', 'move_bastion_subnet_id');
+    // Load Subnets
+    this.loadSubnetsSelect('move_bastion_subnet_id');
+    $(jqId("move_bastion_subnet_id")).val(bastion.artefact.subnet_id);
+    // Submit Button
+    const submit = d3.select(d3Id('modal_dialog_footer')).append('div').append('button')
+        .attr('id', 'submit_query_btn')
+        .attr('type', 'button')
+        .text('Move')
+        .on('click', function () {
+            $(jqId('modal_dialog_wrapper')).addClass('hidden');
+            if (bastion.artefact.subnet_id !== $(jqId("move_bastion_subnet_id")).val()) {
+                self.getSubnet(bastion.artefact.subnet_id).recalculate_dimensions = true;
+                self.getSubnet($(jqId("move_bastion_subnet_id")).val()).recalculate_dimensions = true;
+                bastion.artefact.subnet_id = $(jqId("move_bastion_subnet_id")).val();
+                bastion.artefact.compartment_id = self.getSubnet(bastion.artefact.subnet_id).artefact.compartment_id;
+            }
+            self.update(this.okitjson);
+        });
+    $(jqId('modal_dialog_wrapper')).removeClass('hidden');
+}
+OkitJsonView.prototype.pasteBastion = function(drop_target) {
+    const clone = this.copied_artefact.artefact.clone();
+    clone.display_name += 'Copy';
+    if (this.paste_count) {clone.display_name += `-${this.paste_count}`;}
+    this.paste_count += 1;
+    clone.id = clone.okit_id;
+    if (drop_target.getArtifactReference() === Subnet.getArtifactReference()) {
+        clone.subnet_id = drop_target.id;
+        clone.compartment_id = drop_target.compartment_id;
+    }
+    this.okitjson.bastions.push(clone);
+    this.update(this.okitjson);
+}
+OkitJsonView.prototype.loadBastionsSelect = function(select_id, empty_option=false) {
+    $(jqId(select_id)).empty();
+    const bastion_select = $(jqId(select_id));
+    if (empty_option) {
+        bastion_select.append($('<option>').attr('value', '').text(''));
+    }
+    for (let bastion of this.getBastions()) {
+        bastion_select.append($('<option>').attr('value', bastion.id).text(bastion.display_name));
+    }
+}
+OkitJsonView.prototype.loadBastionsMultiSelect = function(select_id) {
+    $(jqId(select_id)).empty();
+    const multi_select = d3.select(d3Id(select_id));
+    for (let bastion of this.getBastions()) {
+        const div = multi_select.append('div');
+        div.append('input')
+            .attr('type', 'checkbox')
+            .attr('id', safeId(bastion.id))
+            .attr('value', bastion.id);
+        div.append('label')
+            .attr('for', safeId(bastion.id))
+            .text(bastion.display_name);
+    }
+}
diff --git a/okitweb/static/okit/view/designer/js/artefacts/compartment.js b/okitweb/static/okit/view/designer/js/artefacts/compartment.js
index 7d11032dc..de5b9205a 100644
--- a/okitweb/static/okit/view/designer/js/artefacts/compartment.js
+++ b/okitweb/static/okit/view/designer/js/artefacts/compartment.js
@@ -83,7 +83,7 @@ class CompartmentView extends OkitContainerDesignerArtefactView {
     }
 
     getLeftArtifacts() {
-        return [BlockStorageVolume.getArtifactReference(), Policy.getArtifactReference(), Group.getArtifactReference(), User.getArtifactReference(), DynamicGroup.getArtifactReference()];
+        return [Bastion.getArtifactReference(), BlockStorageVolume.getArtifactReference(), Policy.getArtifactReference(), Group.getArtifactReference(), User.getArtifactReference(), DynamicGroup.getArtifactReference()];
     }
 
     getRightArtifacts() {
diff --git a/okitweb/static/okit/view/designer/js/artefacts/key.js b/okitweb/static/okit/view/designer/js/artefacts/key.js
new file mode 100644
index 000000000..a0bad090e
--- /dev/null
+++ b/okitweb/static/okit/view/designer/js/artefacts/key.js
@@ -0,0 +1,163 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Key View Javascript');
+
+/*
+** Define Key View Class
+*/
+class KeyView extends OkitArtefactView {
+    constructor(artefact=null, json_view) {
+        if (!json_view.keys) json_view.keys = [];
+        super(artefact, json_view);
+    }
+    // TODO: Return Artefact Parent id e.g. vcn_id for a Internet Gateway
+    get parent_id() {return this.artefact.vcn_id;}
+    // TODO: Return Artefact Parent Object e.g. VirtualCloudNetwork for a Internet Gateway
+    get parent() {return this.getJsonView().getVirtualCloudNetwork(this.parent_id);}
+    // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+    // Direct Subnet Access
+    get subnet_id() {return this.artefact.primary_mount_target.subnet_id;}
+    set subnet_id(id) {this.artefact.primary_mount_target.subnet_id = id;}
+    /*
+    ** SVG Processing
+    */
+    /*
+    ** Property Sheet Load function
+    */
+    loadProperties() {
+        const self = this;
+        $(jqId(PROPERTIES_PANEL)).load("propertysheets/key.html", () => {loadPropertiesSheet(self.artefact);});
+    }
+    /*
+    ** Load and display Value Proposition
+    */
+    loadValueProposition() {
+        $(jqId(VALUE_PROPOSITION_PANEL)).load("valueproposition/key.html");
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return Key.getArtifactReference();
+    }
+    static getDropTargets() {
+        // TODO: Return List of Artefact Drop Targets Parent Object Reference Names e.g. VirtualCloudNetwork for a Internet Gateway
+        return [VirtualCloudNetwork.getArtifactReference()];
+    }
+}
+/*
+** Dynamically Add View Functions
+*/
+OkitJsonView.prototype.dropKeyView = function(target) {
+    let view_artefact = this.newKey();
+    if (target.type === Compartment.getArtifactReference()) {
+        view_artefact.artefact.compartment_id = target.id;
+    } else {
+        view_artefact.artefact.compartment_id = target.compartment_id;
+    }
+    view_artefact.recalculate_dimensions = true;
+    return view_artefact;
+}
+OkitJsonView.prototype.newKey = function(obj) {
+    this.getKeys().push(obj ? new KeyView(obj, this) : new KeyView(this.okitjson.newKey(), this));
+    return this.getKeys()[this.getKeys().length - 1];
+}
+OkitJsonView.prototype.getKeys = function() {
+    if (!this.keys) {
+        this.keys = [];
+    }
+    return this.keys;
+}
+OkitJsonView.prototype.getKey = function(id='') {
+    for (let artefact of this.getKeys()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+    return undefined;
+}
+OkitJsonView.prototype.loadKeys = function(keys) {
+    for (const artefact of keys) {
+        this.getKeys().push(new KeyView(new Key(artefact, this.okitjson), this));
+    }
+}
+OkitJsonView.prototype.moveKey = function(id) {
+    // Build Dialog
+    const self = this;
+    let key = this.getKey(id);
+    $(jqId('modal_dialog_title')).text('Move ' + key.display_name);
+    $(jqId('modal_dialog_body')).empty();
+    $(jqId('modal_dialog_footer')).empty();
+    const table = d3.select(d3Id('modal_dialog_body')).append('div')
+        .attr('class', 'table okit-table');
+    const tbody = table.append('div')
+        .attr('class', 'tbody');
+    // Subnet
+    let tr = tbody.append('div')
+        .attr('class', 'tr');
+    tr.append('div')
+        .attr('class', 'td')
+        .text('Subnet');
+    tr.append('div')
+        .attr('class', 'td')
+        .append('select')
+        .attr('id', 'move_key_subnet_id');
+    // Load Subnets
+    this.loadSubnetsSelect('move_key_subnet_id');
+    $(jqId("move_key_subnet_id")).val(key.artefact.subnet_id);
+    // Submit Button
+    const submit = d3.select(d3Id('modal_dialog_footer')).append('div').append('button')
+        .attr('id', 'submit_query_btn')
+        .attr('type', 'button')
+        .text('Move')
+        .on('click', function () {
+            $(jqId('modal_dialog_wrapper')).addClass('hidden');
+            if (key.artefact.subnet_id !== $(jqId("move_key_subnet_id")).val()) {
+                self.getSubnet(key.artefact.subnet_id).recalculate_dimensions = true;
+                self.getSubnet($(jqId("move_key_subnet_id")).val()).recalculate_dimensions = true;
+                key.artefact.subnet_id = $(jqId("move_key_subnet_id")).val();
+                key.artefact.compartment_id = self.getSubnet(key.artefact.subnet_id).artefact.compartment_id;
+            }
+            self.update(this.okitjson);
+        });
+    $(jqId('modal_dialog_wrapper')).removeClass('hidden');
+}
+OkitJsonView.prototype.pasteKey = function(drop_target) {
+    const clone = this.copied_artefact.artefact.clone();
+    clone.display_name += 'Copy';
+    if (this.paste_count) {clone.display_name += `-${this.paste_count}`;}
+    this.paste_count += 1;
+    clone.id = clone.okit_id;
+    if (drop_target.getArtifactReference() === Subnet.getArtifactReference()) {
+        clone.subnet_id = drop_target.id;
+        clone.compartment_id = drop_target.compartment_id;
+    }
+    this.okitjson.keys.push(clone);
+    this.update(this.okitjson);
+}
+OkitJsonView.prototype.loadKeysSelect = function(select_id, empty_option=false) {
+    $(jqId(select_id)).empty();
+    const key_select = $(jqId(select_id));
+    if (empty_option) {
+        key_select.append($('<option>').attr('value', '').text(''));
+    }
+    for (let key of this.getKeys()) {
+        key_select.append($('<option>').attr('value', key.id).text(key.display_name));
+    }
+}
+OkitJsonView.prototype.loadKeysMultiSelect = function(select_id) {
+    $(jqId(select_id)).empty();
+    const multi_select = d3.select(d3Id(select_id));
+    for (let key of this.getKeys()) {
+        const div = multi_select.append('div');
+        div.append('input')
+            .attr('type', 'checkbox')
+            .attr('id', safeId(key.id))
+            .attr('value', key.id);
+        div.append('label')
+            .attr('for', safeId(key.id))
+            .text(key.display_name);
+    }
+}
diff --git a/okitweb/static/okit/view/designer/js/artefacts/network_load_balancer.js b/okitweb/static/okit/view/designer/js/artefacts/network_load_balancer.js
new file mode 100644
index 000000000..719c35e38
--- /dev/null
+++ b/okitweb/static/okit/view/designer/js/artefacts/network_load_balancer.js
@@ -0,0 +1,163 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Network Load Balancer View Javascript');
+
+/*
+** Define Network Load Balancer View Class
+*/
+class NetworkLoadBalancerView extends OkitArtefactView {
+    constructor(artefact=null, json_view) {
+        if (!json_view.network_load_balancers) json_view.network_load_balancers = [];
+        super(artefact, json_view);
+    }
+    // TODO: Return Artefact Parent id e.g. vcn_id for a Internet Gateway
+    get parent_id() {return this.artefact.vcn_id;}
+    // TODO: Return Artefact Parent Object e.g. VirtualCloudNetwork for a Internet Gateway
+    get parent() {return this.getJsonView().getVirtualCloudNetwork(this.parent_id);}
+    // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+    // Direct Subnet Access
+    get subnet_id() {return this.artefact.primary_mount_target.subnet_id;}
+    set subnet_id(id) {this.artefact.primary_mount_target.subnet_id = id;}
+    /*
+    ** SVG Processing
+    */
+    /*
+    ** Property Sheet Load function
+    */
+    loadProperties() {
+        const self = this;
+        $(jqId(PROPERTIES_PANEL)).load("propertysheets/network_load_balancer.html", () => {loadPropertiesSheet(self.artefact);});
+    }
+    /*
+    ** Load and display Value Proposition
+    */
+    loadValueProposition() {
+        $(jqId(VALUE_PROPOSITION_PANEL)).load("valueproposition/network_load_balancer.html");
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return NetworkLoadBalancer.getArtifactReference();
+    }
+    static getDropTargets() {
+        // TODO: Return List of Artefact Drop Targets Parent Object Reference Names e.g. VirtualCloudNetwork for a Internet Gateway
+        return [VirtualCloudNetwork.getArtifactReference()];
+    }
+}
+/*
+** Dynamically Add View Functions
+*/
+OkitJsonView.prototype.dropNetworkLoadBalancerView = function(target) {
+    let view_artefact = this.newNetworkLoadBalancer();
+    if (target.type === Compartment.getArtifactReference()) {
+        view_artefact.artefact.compartment_id = target.id;
+    } else {
+        view_artefact.artefact.compartment_id = target.compartment_id;
+    }
+    view_artefact.recalculate_dimensions = true;
+    return view_artefact;
+}
+OkitJsonView.prototype.newNetworkLoadBalancer = function(obj) {
+    this.getNetworkLoadBalancers().push(obj ? new NetworkLoadBalancerView(obj, this) : new NetworkLoadBalancerView(this.okitjson.newNetworkLoadBalancer(), this));
+    return this.getNetworkLoadBalancers()[this.getNetworkLoadBalancers().length - 1];
+}
+OkitJsonView.prototype.getNetworkLoadBalancers = function() {
+    if (!this.network_load_balancers) {
+        this.network_load_balancers = [];
+    }
+    return this.network_load_balancers;
+}
+OkitJsonView.prototype.getNetworkLoadBalancer = function(id='') {
+    for (let artefact of this.getNetworkLoadBalancers()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+    return undefined;
+}
+OkitJsonView.prototype.loadNetworkLoadBalancers = function(network_load_balancers) {
+    for (const artefact of network_load_balancers) {
+        this.getNetworkLoadBalancers().push(new NetworkLoadBalancerView(new NetworkLoadBalancer(artefact, this.okitjson), this));
+    }
+}
+OkitJsonView.prototype.moveNetworkLoadBalancer = function(id) {
+    // Build Dialog
+    const self = this;
+    let network_load_balancer = this.getNetworkLoadBalancer(id);
+    $(jqId('modal_dialog_title')).text('Move ' + network_load_balancer.display_name);
+    $(jqId('modal_dialog_body')).empty();
+    $(jqId('modal_dialog_footer')).empty();
+    const table = d3.select(d3Id('modal_dialog_body')).append('div')
+        .attr('class', 'table okit-table');
+    const tbody = table.append('div')
+        .attr('class', 'tbody');
+    // Subnet
+    let tr = tbody.append('div')
+        .attr('class', 'tr');
+    tr.append('div')
+        .attr('class', 'td')
+        .text('Subnet');
+    tr.append('div')
+        .attr('class', 'td')
+        .append('select')
+        .attr('id', 'move_network_load_balancer_subnet_id');
+    // Load Subnets
+    this.loadSubnetsSelect('move_network_load_balancer_subnet_id');
+    $(jqId("move_network_load_balancer_subnet_id")).val(network_load_balancer.artefact.subnet_id);
+    // Submit Button
+    const submit = d3.select(d3Id('modal_dialog_footer')).append('div').append('button')
+        .attr('id', 'submit_query_btn')
+        .attr('type', 'button')
+        .text('Move')
+        .on('click', function () {
+            $(jqId('modal_dialog_wrapper')).addClass('hidden');
+            if (network_load_balancer.artefact.subnet_id !== $(jqId("move_network_load_balancer_subnet_id")).val()) {
+                self.getSubnet(network_load_balancer.artefact.subnet_id).recalculate_dimensions = true;
+                self.getSubnet($(jqId("move_network_load_balancer_subnet_id")).val()).recalculate_dimensions = true;
+                network_load_balancer.artefact.subnet_id = $(jqId("move_network_load_balancer_subnet_id")).val();
+                network_load_balancer.artefact.compartment_id = self.getSubnet(network_load_balancer.artefact.subnet_id).artefact.compartment_id;
+            }
+            self.update(this.okitjson);
+        });
+    $(jqId('modal_dialog_wrapper')).removeClass('hidden');
+}
+OkitJsonView.prototype.pasteNetworkLoadBalancer = function(drop_target) {
+    const clone = this.copied_artefact.artefact.clone();
+    clone.display_name += 'Copy';
+    if (this.paste_count) {clone.display_name += `-${this.paste_count}`;}
+    this.paste_count += 1;
+    clone.id = clone.okit_id;
+    if (drop_target.getArtifactReference() === Subnet.getArtifactReference()) {
+        clone.subnet_id = drop_target.id;
+        clone.compartment_id = drop_target.compartment_id;
+    }
+    this.okitjson.network_load_balancers.push(clone);
+    this.update(this.okitjson);
+}
+OkitJsonView.prototype.loadNetworkLoadBalancersSelect = function(select_id, empty_option=false) {
+    $(jqId(select_id)).empty();
+    const network_load_balancer_select = $(jqId(select_id));
+    if (empty_option) {
+        network_load_balancer_select.append($('<option>').attr('value', '').text(''));
+    }
+    for (let network_load_balancer of this.getNetworkLoadBalancers()) {
+        network_load_balancer_select.append($('<option>').attr('value', network_load_balancer.id).text(network_load_balancer.display_name));
+    }
+}
+OkitJsonView.prototype.loadNetworkLoadBalancersMultiSelect = function(select_id) {
+    $(jqId(select_id)).empty();
+    const multi_select = d3.select(d3Id(select_id));
+    for (let network_load_balancer of this.getNetworkLoadBalancers()) {
+        const div = multi_select.append('div');
+        div.append('input')
+            .attr('type', 'checkbox')
+            .attr('id', safeId(network_load_balancer.id))
+            .attr('value', network_load_balancer.id);
+        div.append('label')
+            .attr('for', safeId(network_load_balancer.id))
+            .text(network_load_balancer.display_name);
+    }
+}
diff --git a/okitweb/static/okit/view/designer/js/artefacts/nosql_database.js b/okitweb/static/okit/view/designer/js/artefacts/nosql_database.js
new file mode 100644
index 000000000..56cd72902
--- /dev/null
+++ b/okitweb/static/okit/view/designer/js/artefacts/nosql_database.js
@@ -0,0 +1,163 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded NoSQL Database View Javascript');
+
+/*
+** Define NoSQL Database View Class
+*/
+class NoSQLDatabaseView extends OkitArtefactView {
+    constructor(artefact=null, json_view) {
+        if (!json_view.nosql_databases) json_view.nosql_databases = [];
+        super(artefact, json_view);
+    }
+    // TODO: Return Artefact Parent id e.g. vcn_id for a Internet Gateway
+    get parent_id() {return this.artefact.vcn_id;}
+    // TODO: Return Artefact Parent Object e.g. VirtualCloudNetwork for a Internet Gateway
+    get parent() {return this.getJsonView().getVirtualCloudNetwork(this.parent_id);}
+    // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+    // Direct Subnet Access
+    get subnet_id() {return this.artefact.primary_mount_target.subnet_id;}
+    set subnet_id(id) {this.artefact.primary_mount_target.subnet_id = id;}
+    /*
+    ** SVG Processing
+    */
+    /*
+    ** Property Sheet Load function
+    */
+    loadProperties() {
+        const self = this;
+        $(jqId(PROPERTIES_PANEL)).load("propertysheets/nosql_database.html", () => {loadPropertiesSheet(self.artefact);});
+    }
+    /*
+    ** Load and display Value Proposition
+    */
+    loadValueProposition() {
+        $(jqId(VALUE_PROPOSITION_PANEL)).load("valueproposition/nosql_database.html");
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return NoSQLDatabase.getArtifactReference();
+    }
+    static getDropTargets() {
+        // TODO: Return List of Artefact Drop Targets Parent Object Reference Names e.g. VirtualCloudNetwork for a Internet Gateway
+        return [VirtualCloudNetwork.getArtifactReference()];
+    }
+}
+/*
+** Dynamically Add View Functions
+*/
+OkitJsonView.prototype.dropNoSQLDatabaseView = function(target) {
+    let view_artefact = this.newNoSQLDatabase();
+    if (target.type === Compartment.getArtifactReference()) {
+        view_artefact.artefact.compartment_id = target.id;
+    } else {
+        view_artefact.artefact.compartment_id = target.compartment_id;
+    }
+    view_artefact.recalculate_dimensions = true;
+    return view_artefact;
+}
+OkitJsonView.prototype.newNoSQLDatabase = function(obj) {
+    this.getNoSQLDatabases().push(obj ? new NoSQLDatabaseView(obj, this) : new NoSQLDatabaseView(this.okitjson.newNoSQLDatabase(), this));
+    return this.getNoSQLDatabases()[this.getNoSQLDatabases().length - 1];
+}
+OkitJsonView.prototype.getNoSQLDatabases = function() {
+    if (!this.nosql_databases) {
+        this.nosql_databases = [];
+    }
+    return this.nosql_databases;
+}
+OkitJsonView.prototype.getNoSQLDatabase = function(id='') {
+    for (let artefact of this.getNoSQLDatabases()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+    return undefined;
+}
+OkitJsonView.prototype.loadNoSQLDatabases = function(nosql_databases) {
+    for (const artefact of nosql_databases) {
+        this.getNoSQLDatabases().push(new NoSQLDatabaseView(new NoSQLDatabase(artefact, this.okitjson), this));
+    }
+}
+OkitJsonView.prototype.moveNoSQLDatabase = function(id) {
+    // Build Dialog
+    const self = this;
+    let nosql_database = this.getNoSQLDatabase(id);
+    $(jqId('modal_dialog_title')).text('Move ' + nosql_database.display_name);
+    $(jqId('modal_dialog_body')).empty();
+    $(jqId('modal_dialog_footer')).empty();
+    const table = d3.select(d3Id('modal_dialog_body')).append('div')
+        .attr('class', 'table okit-table');
+    const tbody = table.append('div')
+        .attr('class', 'tbody');
+    // Subnet
+    let tr = tbody.append('div')
+        .attr('class', 'tr');
+    tr.append('div')
+        .attr('class', 'td')
+        .text('Subnet');
+    tr.append('div')
+        .attr('class', 'td')
+        .append('select')
+        .attr('id', 'move_nosql_database_subnet_id');
+    // Load Subnets
+    this.loadSubnetsSelect('move_nosql_database_subnet_id');
+    $(jqId("move_nosql_database_subnet_id")).val(nosql_database.artefact.subnet_id);
+    // Submit Button
+    const submit = d3.select(d3Id('modal_dialog_footer')).append('div').append('button')
+        .attr('id', 'submit_query_btn')
+        .attr('type', 'button')
+        .text('Move')
+        .on('click', function () {
+            $(jqId('modal_dialog_wrapper')).addClass('hidden');
+            if (nosql_database.artefact.subnet_id !== $(jqId("move_nosql_database_subnet_id")).val()) {
+                self.getSubnet(nosql_database.artefact.subnet_id).recalculate_dimensions = true;
+                self.getSubnet($(jqId("move_nosql_database_subnet_id")).val()).recalculate_dimensions = true;
+                nosql_database.artefact.subnet_id = $(jqId("move_nosql_database_subnet_id")).val();
+                nosql_database.artefact.compartment_id = self.getSubnet(nosql_database.artefact.subnet_id).artefact.compartment_id;
+            }
+            self.update(this.okitjson);
+        });
+    $(jqId('modal_dialog_wrapper')).removeClass('hidden');
+}
+OkitJsonView.prototype.pasteNoSQLDatabase = function(drop_target) {
+    const clone = this.copied_artefact.artefact.clone();
+    clone.display_name += 'Copy';
+    if (this.paste_count) {clone.display_name += `-${this.paste_count}`;}
+    this.paste_count += 1;
+    clone.id = clone.okit_id;
+    if (drop_target.getArtifactReference() === Subnet.getArtifactReference()) {
+        clone.subnet_id = drop_target.id;
+        clone.compartment_id = drop_target.compartment_id;
+    }
+    this.okitjson.nosql_databases.push(clone);
+    this.update(this.okitjson);
+}
+OkitJsonView.prototype.loadNoSQLDatabasesSelect = function(select_id, empty_option=false) {
+    $(jqId(select_id)).empty();
+    const nosql_database_select = $(jqId(select_id));
+    if (empty_option) {
+        nosql_database_select.append($('<option>').attr('value', '').text(''));
+    }
+    for (let nosql_database of this.getNoSQLDatabases()) {
+        nosql_database_select.append($('<option>').attr('value', nosql_database.id).text(nosql_database.display_name));
+    }
+}
+OkitJsonView.prototype.loadNoSQLDatabasesMultiSelect = function(select_id) {
+    $(jqId(select_id)).empty();
+    const multi_select = d3.select(d3Id(select_id));
+    for (let nosql_database of this.getNoSQLDatabases()) {
+        const div = multi_select.append('div');
+        div.append('input')
+            .attr('type', 'checkbox')
+            .attr('id', safeId(nosql_database.id))
+            .attr('value', nosql_database.id);
+        div.append('label')
+            .attr('for', safeId(nosql_database.id))
+            .text(nosql_database.display_name);
+    }
+}
diff --git a/okitweb/static/okit/view/designer/js/artefacts/subnet.js b/okitweb/static/okit/view/designer/js/artefacts/subnet.js
index c3b441c63..56789eb31 100644
--- a/okitweb/static/okit/view/designer/js/artefacts/subnet.js
+++ b/okitweb/static/okit/view/designer/js/artefacts/subnet.js
@@ -160,7 +160,7 @@ class SubnetView extends OkitContainerDesignerArtefactView {
     }
 
     getTopArtifacts() {
-        return [LoadBalancer.getArtifactReference()];
+        return [Bastion.getArtifactReference(), LoadBalancer.getArtifactReference()];
     }
 
     getBottomArtifacts() {
diff --git a/okitweb/static/okit/view/designer/js/artefacts/vault.js b/okitweb/static/okit/view/designer/js/artefacts/vault.js
new file mode 100644
index 000000000..6d9d0ea05
--- /dev/null
+++ b/okitweb/static/okit/view/designer/js/artefacts/vault.js
@@ -0,0 +1,163 @@
+/*
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+console.info('Loaded Vault View Javascript');
+
+/*
+** Define Vault View Class
+*/
+class VaultView extends OkitArtefactView {
+    constructor(artefact=null, json_view) {
+        if (!json_view.vaults) json_view.vaults = [];
+        super(artefact, json_view);
+    }
+    // TODO: Return Artefact Parent id e.g. vcn_id for a Internet Gateway
+    get parent_id() {return this.artefact.vcn_id;}
+    // TODO: Return Artefact Parent Object e.g. VirtualCloudNetwork for a Internet Gateway
+    get parent() {return this.getJsonView().getVirtualCloudNetwork(this.parent_id);}
+    // TODO: If the Resource is within a Subnet but the subnet_iss is not at the top level then raise it with the following functions if not required delete them.
+    // Direct Subnet Access
+    get subnet_id() {return this.artefact.primary_mount_target.subnet_id;}
+    set subnet_id(id) {this.artefact.primary_mount_target.subnet_id = id;}
+    /*
+    ** SVG Processing
+    */
+    /*
+    ** Property Sheet Load function
+    */
+    loadProperties() {
+        const self = this;
+        $(jqId(PROPERTIES_PANEL)).load("propertysheets/vault.html", () => {loadPropertiesSheet(self.artefact);});
+    }
+    /*
+    ** Load and display Value Proposition
+    */
+    loadValueProposition() {
+        $(jqId(VALUE_PROPOSITION_PANEL)).load("valueproposition/vault.html");
+    }
+    /*
+    ** Static Functionality
+    */
+    static getArtifactReference() {
+        return Vault.getArtifactReference();
+    }
+    static getDropTargets() {
+        // TODO: Return List of Artefact Drop Targets Parent Object Reference Names e.g. VirtualCloudNetwork for a Internet Gateway
+        return [VirtualCloudNetwork.getArtifactReference()];
+    }
+}
+/*
+** Dynamically Add View Functions
+*/
+OkitJsonView.prototype.dropVaultView = function(target) {
+    let view_artefact = this.newVault();
+    if (target.type === Compartment.getArtifactReference()) {
+        view_artefact.artefact.compartment_id = target.id;
+    } else {
+        view_artefact.artefact.compartment_id = target.compartment_id;
+    }
+    view_artefact.recalculate_dimensions = true;
+    return view_artefact;
+}
+OkitJsonView.prototype.newVault = function(obj) {
+    this.getVaults().push(obj ? new VaultView(obj, this) : new VaultView(this.okitjson.newVault(), this));
+    return this.getVaults()[this.getVaults().length - 1];
+}
+OkitJsonView.prototype.getVaults = function() {
+    if (!this.vaults) {
+        this.vaults = [];
+    }
+    return this.vaults;
+}
+OkitJsonView.prototype.getVault = function(id='') {
+    for (let artefact of this.getVaults()) {
+        if (artefact.id === id) {
+            return artefact;
+        }
+    }
+    return undefined;
+}
+OkitJsonView.prototype.loadVaults = function(vaults) {
+    for (const artefact of vaults) {
+        this.getVaults().push(new VaultView(new Vault(artefact, this.okitjson), this));
+    }
+}
+OkitJsonView.prototype.moveVault = function(id) {
+    // Build Dialog
+    const self = this;
+    let vault = this.getVault(id);
+    $(jqId('modal_dialog_title')).text('Move ' + vault.display_name);
+    $(jqId('modal_dialog_body')).empty();
+    $(jqId('modal_dialog_footer')).empty();
+    const table = d3.select(d3Id('modal_dialog_body')).append('div')
+        .attr('class', 'table okit-table');
+    const tbody = table.append('div')
+        .attr('class', 'tbody');
+    // Subnet
+    let tr = tbody.append('div')
+        .attr('class', 'tr');
+    tr.append('div')
+        .attr('class', 'td')
+        .text('Subnet');
+    tr.append('div')
+        .attr('class', 'td')
+        .append('select')
+        .attr('id', 'move_vault_subnet_id');
+    // Load Subnets
+    this.loadSubnetsSelect('move_vault_subnet_id');
+    $(jqId("move_vault_subnet_id")).val(vault.artefact.subnet_id);
+    // Submit Button
+    const submit = d3.select(d3Id('modal_dialog_footer')).append('div').append('button')
+        .attr('id', 'submit_query_btn')
+        .attr('type', 'button')
+        .text('Move')
+        .on('click', function () {
+            $(jqId('modal_dialog_wrapper')).addClass('hidden');
+            if (vault.artefact.subnet_id !== $(jqId("move_vault_subnet_id")).val()) {
+                self.getSubnet(vault.artefact.subnet_id).recalculate_dimensions = true;
+                self.getSubnet($(jqId("move_vault_subnet_id")).val()).recalculate_dimensions = true;
+                vault.artefact.subnet_id = $(jqId("move_vault_subnet_id")).val();
+                vault.artefact.compartment_id = self.getSubnet(vault.artefact.subnet_id).artefact.compartment_id;
+            }
+            self.update(this.okitjson);
+        });
+    $(jqId('modal_dialog_wrapper')).removeClass('hidden');
+}
+OkitJsonView.prototype.pasteVault = function(drop_target) {
+    const clone = this.copied_artefact.artefact.clone();
+    clone.display_name += 'Copy';
+    if (this.paste_count) {clone.display_name += `-${this.paste_count}`;}
+    this.paste_count += 1;
+    clone.id = clone.okit_id;
+    if (drop_target.getArtifactReference() === Subnet.getArtifactReference()) {
+        clone.subnet_id = drop_target.id;
+        clone.compartment_id = drop_target.compartment_id;
+    }
+    this.okitjson.vaults.push(clone);
+    this.update(this.okitjson);
+}
+OkitJsonView.prototype.loadVaultsSelect = function(select_id, empty_option=false) {
+    $(jqId(select_id)).empty();
+    const vault_select = $(jqId(select_id));
+    if (empty_option) {
+        vault_select.append($('<option>').attr('value', '').text(''));
+    }
+    for (let vault of this.getVaults()) {
+        vault_select.append($('<option>').attr('value', vault.id).text(vault.display_name));
+    }
+}
+OkitJsonView.prototype.loadVaultsMultiSelect = function(select_id) {
+    $(jqId(select_id)).empty();
+    const multi_select = d3.select(d3Id(select_id));
+    for (let vault of this.getVaults()) {
+        const div = multi_select.append('div');
+        div.append('input')
+            .attr('type', 'checkbox')
+            .attr('id', safeId(vault.id))
+            .attr('value', vault.id);
+        div.append('label')
+            .attr('for', safeId(vault.id))
+            .text(vault.display_name);
+    }
+}
diff --git a/okitweb/static/okit/view/designer/js/artefacts/virtual_cloud_network.js b/okitweb/static/okit/view/designer/js/artefacts/virtual_cloud_network.js
index 8f6e93894..7cf335b6a 100644
--- a/okitweb/static/okit/view/designer/js/artefacts/virtual_cloud_network.js
+++ b/okitweb/static/okit/view/designer/js/artefacts/virtual_cloud_network.js
@@ -48,7 +48,7 @@ class VirtualCloudNetworkView extends OkitContainerDesignerArtefactView {
         $(jqId(PROPERTIES_PANEL)).load("propertysheets/virtual_cloud_network.html", () => {
             loadPropertiesSheet(me.artefact);
             $(jqId('cidr_blocks')).on('change', function() {
-                console.info('CIDR Block Changed ' + $(jqId('cidr_block')).val());
+                console.info('CIDR Block Changed ' + $(jqId('cidr_blocks')).val());
                 for (let subnet of me.artefact.getOkitJson().subnets) {
                     if (subnet.vcn_id === me.id) {
                         subnet.generateCIDR();
diff --git a/okitweb/templates/okit/okit_designer.html b/okitweb/templates/okit/okit_designer.html
index ac1f709ee..876b3c78f 100644
--- a/okitweb/templates/okit/okit_designer.html
+++ b/okitweb/templates/okit/okit_designer.html
@@ -401,9 +401,14 @@
                     <ul>
                         <li><a>Json</a></li>
                         <li><a>Terraform</a></li>
-                        <li><a>SVG</a></li>
-                        <li><a>PNG</a></li>
-                        <li><a>JPG</a></li>
+                        <li><a>Resource Manager</a></li>
+                        <li><a>Image</a>
+                            <ul>
+                                <li><a>SVG</a></li>
+                                <li><a>PNG</a></li>
+                                <li><a>JPG</a></li>
+                            </ul>
+                        </li>
                     </ul>
                 </li>
             </ul>
diff --git a/okitweb/templates/okit/propertysheets/base_property_sheet.html b/okitweb/templates/okit/propertysheets/base_property_sheet.html
index 4bc6908a8..133dab988 100644
--- a/okitweb/templates/okit/propertysheets/base_property_sheet.html
+++ b/okitweb/templates/okit/propertysheets/base_property_sheet.html
@@ -8,9 +8,9 @@
     {% elif type == 'number' %}
         <div id="{{ name }}_row" class='tr{% if collapsed %} collapsed{% endif %}'><div class='td'>{{ title }}</div><div class='td'><input type="{{ type }}" id="{{ name }}" name="{{ name }}" class="okit-property-value" {% if readonly %} readonly{% endif %} {% if data.min is defined %} min="{{ data.min }}" {% endif %} {% if data.max is defined %} max="{{ data.max }}" {% endif %} onblur="this.reportValidity();"></div></div>
     {% elif type == 'ipv4' %}
-        <div id="{{ name }}_row" class='tr{% if collapsed %} collapsed{% endif %}'><div class='td'>{{ title }}</div><div class='td'><input type="{{ type }}" id="{{ name }}" name="{{ name }}" class="okit-property-value" {% if readonly %} readonly{% endif %} pattern="^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)+" title="IPv4 CIDR block" onblur="this.reportValidity();"></div></div>
+        <div id="{{ name }}_row" class='tr{% if collapsed %} collapsed{% endif %}'><div class='td'>{{ title }}</div><div class='td'><input type="text" id="{{ name }}" name="{{ name }}" class="okit-property-value" {% if readonly %} readonly{% endif %} pattern="^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)+" title="IPv4 CIDR block" onblur="this.reportValidity();"></div></div>
     {% elif type == 'ipv4-list' %}
-        <div id="{{ name }}_row" class='tr{% if collapsed %} collapsed{% endif %}'><div class='td'>{{ title }}</div><div class='td'><input type="{{ type }}" id="{{ name }}" name="{{ name }}" class="okit-property-value" {% if readonly %} readonly{% endif %} pattern="^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))(,\s?|$))+" title="Comma separated IPv4 CIDR blocks" onblur="this.reportValidity();"></div></div>
+        <div id="{{ name }}_row" class='tr{% if collapsed %} collapsed{% endif %}'><div class='td'>{{ title }}</div><div class='td'><input type="text" id="{{ name }}" name="{{ name }}" class="okit-property-value" {% if readonly %} readonly{% endif %} pattern="^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))(,\s?|$))+" title="Comma separated IPv4 CIDR blocks" onblur="this.reportValidity();"></div></div>
     {% elif type == 'checkbox' %}
         <div id="{{ name }}_row" class='tr{% if collapsed %} collapsed{% endif %}'><div class='td'></div><div class='td'><label><input type="{{ type }}" id="{{ name }}" name="{{ name }}" value="false" {% if readonly %} readonly  onclick="return false"{% endif %}>{{ title }}</label></div></div>
     {% elif type == 'textarea' %}
diff --git a/okitweb/templates/okit/propertysheets/bastion.html b/okitweb/templates/okit/propertysheets/bastion.html
new file mode 100644
index 000000000..29ec594c2
--- /dev/null
+++ b/okitweb/templates/okit/propertysheets/bastion.html
@@ -0,0 +1,13 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/propertysheets/base_property_sheet.html" %}
+{% block title_block %}Bastion{% endblock %}
+{% block required_properties_table_rows_block %}
+    {{ properties_input('CIDR block allowlist', 'client_cidr_block_allow_list', type='ipv4-list') }}
+{% endblock %}
+{% block optional_properties_table_rows_block %}
+    {{ properties_input('Session TTL (Seconds)', 'max_session_ttl_in_seconds', type='number') }}
+{% endblock %}
+{% block optional_properties_block %}{% endblock %}
diff --git a/okitweb/templates/okit/propertysheets/key.html b/okitweb/templates/okit/propertysheets/key.html
new file mode 100644
index 000000000..c8d4a1883
--- /dev/null
+++ b/okitweb/templates/okit/propertysheets/key.html
@@ -0,0 +1,9 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/propertysheets/base_property_sheet.html" %}
+{% block title_block %}Key{% endblock %}
+{% block required_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_block %}{% endblock %}
diff --git a/okitweb/templates/okit/propertysheets/network_load_balancer.html b/okitweb/templates/okit/propertysheets/network_load_balancer.html
new file mode 100644
index 000000000..9fb8a3bad
--- /dev/null
+++ b/okitweb/templates/okit/propertysheets/network_load_balancer.html
@@ -0,0 +1,9 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/propertysheets/base_property_sheet.html" %}
+{% block title_block %}Network Load Balancer{% endblock %}
+{% block required_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_block %}{% endblock %}
diff --git a/okitweb/templates/okit/propertysheets/nosql_database.html b/okitweb/templates/okit/propertysheets/nosql_database.html
new file mode 100644
index 000000000..a2c66495e
--- /dev/null
+++ b/okitweb/templates/okit/propertysheets/nosql_database.html
@@ -0,0 +1,9 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/propertysheets/base_property_sheet.html" %}
+{% block title_block %}NoSQL Database{% endblock %}
+{% block required_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_block %}{% endblock %}
diff --git a/okitweb/templates/okit/propertysheets/vault.html b/okitweb/templates/okit/propertysheets/vault.html
new file mode 100644
index 000000000..b1135c50a
--- /dev/null
+++ b/okitweb/templates/okit/propertysheets/vault.html
@@ -0,0 +1,9 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/propertysheets/base_property_sheet.html" %}
+{% block title_block %}Vault{% endblock %}
+{% block required_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_table_rows_block %}{% endblock %}
+{% block optional_properties_block %}{% endblock %}
diff --git a/okitweb/templates/okit/valueproposition/bastion.html b/okitweb/templates/okit/valueproposition/bastion.html
new file mode 100644
index 000000000..70d71bede
--- /dev/null
+++ b/okitweb/templates/okit/valueproposition/bastion.html
@@ -0,0 +1,5 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/valueproposition/oci.html" %}
diff --git a/okitweb/templates/okit/valueproposition/key.html b/okitweb/templates/okit/valueproposition/key.html
new file mode 100644
index 000000000..70d71bede
--- /dev/null
+++ b/okitweb/templates/okit/valueproposition/key.html
@@ -0,0 +1,5 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/valueproposition/oci.html" %}
diff --git a/okitweb/templates/okit/valueproposition/network_load_balancer.html b/okitweb/templates/okit/valueproposition/network_load_balancer.html
new file mode 100644
index 000000000..70d71bede
--- /dev/null
+++ b/okitweb/templates/okit/valueproposition/network_load_balancer.html
@@ -0,0 +1,5 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/valueproposition/oci.html" %}
diff --git a/okitweb/templates/okit/valueproposition/nosql_database.html b/okitweb/templates/okit/valueproposition/nosql_database.html
new file mode 100644
index 000000000..70d71bede
--- /dev/null
+++ b/okitweb/templates/okit/valueproposition/nosql_database.html
@@ -0,0 +1,5 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/valueproposition/oci.html" %}
diff --git a/okitweb/templates/okit/valueproposition/vault.html b/okitweb/templates/okit/valueproposition/vault.html
new file mode 100644
index 000000000..70d71bede
--- /dev/null
+++ b/okitweb/templates/okit/valueproposition/vault.html
@@ -0,0 +1,5 @@
+<!--
+** Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+** Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+-->
+{% extends "okit/valueproposition/oci.html" %}
diff --git a/skeletons/templates/artefact_model.js.jinja2 b/skeletons/templates/artefact_model.js.jinja2
index c6fdda18e..94e4c33f2 100644
--- a/skeletons/templates/artefact_model.js.jinja2
+++ b/skeletons/templates/artefact_model.js.jinja2
@@ -67,6 +67,6 @@ OkitJson.prototype.get{{ model_class_name }} = function(id='') {
 return undefined;
 }
 OkitJson.prototype.delete{{ model_class_name }} = function(id) {
-    this.{{ artefact_json_list }} = this.{{ artefact_json_list }} ? this.{{ artefact_json_list }}.filter((r) => r.id !== id : []
+    this.{{ artefact_json_list }} = this.{{ artefact_json_list }} ? this.{{ artefact_json_list }}.filter((r) => r.id !== id) : []
 }
 
diff --git a/skeletons/templates/artefact_view.js.jinja2 b/skeletons/templates/artefact_view.js.jinja2
index 3c188a88d..2428110f9 100644
--- a/skeletons/templates/artefact_view.js.jinja2
+++ b/skeletons/templates/artefact_view.js.jinja2
@@ -48,7 +48,7 @@ class {{ model_class_name }}View extends OkitContainerArtefactView {
     }
     static getDropTargets() {
         // TODO: Return List of Artefact Drop Targets Parent Object Reference Names e.g. VirtualCloudNetwork for a Internet Gateway
-        return [VirtualCloudNetwork.getArtifactReference()];
+        return [Compartment.getArtifactReference()];
     }
 }
 /*
diff --git a/visualiser/discovery/oci_discovery_client.py b/visualiser/discovery/oci_discovery_client.py
index 441218a05..af3a12b21 100755
--- a/visualiser/discovery/oci_discovery_client.py
+++ b/visualiser/discovery/oci_discovery_client.py
@@ -20,6 +20,8 @@ class OciResourceDiscoveryClient(object):
     # methods. Creates a map of:
     #     { resource_name -> (Client, list_method) }
     get_resource_client_methods = {
+        # oci.bastion.BastionClient
+        "BastionDetails": (oci.bastion.BastionClient, "get_bastion"), # used to get full details
         # oci.core.BlockstorageClient
         "VolumeBackupPolicyAssignment": (oci.core.BlockstorageClient, "get_volume_backup_policy_asset_assignment"),
         # oci.core.ComputeClient
@@ -32,7 +34,7 @@ class OciResourceDiscoveryClient(object):
         # oci.database.DatabaseClient
         "ExadataIormConfig": (oci.database.DatabaseClient, "get_cloud_vm_cluster_iorm_config"),
         # oci.mysql.DbSystemClient
-        "MySQLDbSystemDetails": (oci.mysql.DbSystemClient, "get_db_system"), # used to get full details of the result and list_db_systems does not include all attributes
+        "MySQLDbSystemDetails": (oci.mysql.DbSystemClient, "get_db_system"), # used to get full details of the result as list_db_systems does not include all attributes
         # oci.mysql.MysqlaasClient
         "MySQLConfiguration": (oci.mysql.MysqlaasClient, "get_configuration"), # used to get details of the Default configurations
         # oci.os_management.OsManagementClient
@@ -600,12 +602,17 @@ def submit_list_resource_worker_requests(self, executor, regional_resources_comp
                     logger.warn(f"unsupported resource type {resource_type}")
                     continue                    
 
+                # do a get for resources that need full details or don't have a list method
                 if resource_type in self.get_resource_client_methods and item[2]:
                     klass, method_name = self.get_resource_client_methods[resource_type]
                     if method_name == "get_application": # DataFlowApplicationDetails
                         application_id = item[2]
                         future = executor.submit(self.list_resources, klass, method_name, region, application_id=application_id)
                         futures_list.update({(region, resource_type, compartment_id, application_id):future})
+                    if method_name == "get_bastion": # BastionDetails
+                        bastion_id = item[2]
+                        future = executor.submit(self.list_resources, klass, method_name, region, bastion_id=bastion_id)
+                        futures_list.update({(region, resource_type, None, bastion_id):future})
                     elif method_name == "get_cloud_vm_cluster_iorm_config": # CloudExadataInfrastrcture
                         cloud_vm_cluster_id = item[2]
                         future = executor.submit(self.list_resources, klass, method_name, region, cloud_vm_cluster_id=cloud_vm_cluster_id)
@@ -640,6 +647,7 @@ def submit_list_resource_worker_requests(self, executor, regional_resources_comp
                         future = executor.submit(self.list_resources, klass, method_name, region, asset_id=asset_id)
                         futures_list.update({(region, resource_type, compartment_id, asset_id):future})
 
+                # do a list for other resources, which is more efficient than separate get requests
                 if resource_type in self.static_resource_client_methods:
                     klass, method_name = self.static_resource_client_methods[resource_type]
                     if method_name == "get_cluster_options":
@@ -993,6 +1001,7 @@ def process_list_resource_worker_reponses(self, futures_list):
                         new_result = [ExtendedVirtualCircuitBandwidthShape(fastconnect_provider_id, shape) for shape in result]
                         result = new_result
                     elif resource_type in [
+                        "BastionDetails",
                         "ClusterOptions",
                         "DataFlowApplicationDetails", "DataFlowRunDetails",
                         "Image",
@@ -1017,15 +1026,12 @@ def process_list_resource_worker_reponses(self, futures_list):
             except oci.exceptions.ConnectTimeout as ct:
                 logger.warn(("get_resources()", future, ct))
                 failed_requests.append(future)
-                # TODO retry
             except oci.exceptions.RequestException as re:
                 logger.warn(("get_resources()", future, re))
                 failed_requests.append(future)
-                # TODO retry
             except TimeoutError as te:
                 logger.error(("get_resources()", future, te, self.timeout))
                 failed_requests.append(future)
-                # TODO retry
             except Exception as e:
                 logger.error(("get_resources()", future, e))
 
@@ -1342,6 +1348,10 @@ def get_all_resources(self):
             if "DataFlowRun" in resources_by_region[region]:
                 for resource in resources_by_region[region]["DataFlowRun"]:
                     regional_resource_requests.add(("DataFlowRunDetails", resource.compartment_id, resource.id))
+            # get extra details for Bastion
+            if "Bastion" in resources_by_region[region]:
+                for resource in resources_by_region[region]["Bastion"]:
+                    regional_resource_requests.add(("BastionDetails", resource.compartment_id, resource.id))
 
             extra_resource_requests.update({region:regional_resource_requests})
 
@@ -1387,13 +1397,14 @@ def get_all_resources(self):
                     # add
                     resources_by_region[region][resource_type] = final_resources_by_region[region][resource_type]
 
-            if len(resources_by_region) == 0:
-                logger.warn("Resource discovery results are empty")  
-            else:
-                # replace summary result with resource details
-                self.replace_resource_details(resources_by_region, region, "MySQLDbSystem", "MySQLDbSystemDetails")
-                self.replace_resource_details(resources_by_region, region, "DataFlowApplication", "DataFlowApplicationDetails")
-                self.replace_resource_details(resources_by_region, region, "DataFlowRun", "DataFlowRunDetails")
+        if len(resources_by_region) == 0:
+            logger.warn("Resource discovery results are empty")  
+        else:
+            # replace summary result with resource details
+            self.replace_resource_details(resources_by_region, region, "MySQLDbSystem", "MySQLDbSystemDetails")
+            self.replace_resource_details(resources_by_region, region, "DataFlowApplication", "DataFlowApplicationDetails")
+            self.replace_resource_details(resources_by_region, region, "DataFlowRun", "DataFlowRunDetails")
+            self.replace_resource_details(resources_by_region, region, "Bastion", "BastionDetails")
 
         # remove duplicate shapes
         # For multi-AD regions the list_shapes method returns shapes per AD, but does not distinguish which shape
diff --git a/visualiser/facades/ociBastion.py b/visualiser/facades/ociBastion.py
new file mode 100644
index 000000000..767280792
--- /dev/null
+++ b/visualiser/facades/ociBastion.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+"""Provide Module Description
+"""
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+__author__ = ["Andrew Hopkinson (Oracle Cloud Solutions A-Team)"]
+__version__ = "1.0.0"
+__module__ = "ociBastion"
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+
+
+import oci
+
+from common.okitLogging import getLogger
+from facades.ociConnection import OCIBastionConnection
+
+# Configure logging
+logger = getLogger()
+
+
+class OCIBastions(OCIBastionConnection):
+    def __init__(self, config=None, configfile=None, profile=None, compartment_id=None):
+        self.compartment_id = compartment_id
+        self.bastions_json = []
+        super(OCIBastions, self).__init__(config=config, configfile=configfile, profile=profile)
+
+    def list(self, compartment_id=None, filter=None):
+        if compartment_id is None:
+            compartment_id = self.compartment_id
+
+        # Add filter to only return AVAILABLE Compartments
+        if filter is None:
+            filter = {}
+
+        if 'lifecycle_state' not in filter:
+            filter['lifecycle_state'] = 'AVAILABLE'
+
+        bastions = oci.pagination.list_call_get_all_results(self.client.list_bastions, compartment_id=compartment_id).data
+
+        # Convert to Json object
+        bastions_json = self.toJson(bastions)
+        logger.debug(str(bastions_json))
+
+        # Filter results
+        self.bastions_json = self.filterJsonObjectList(bastions_json, filter)
+        logger.debug(str(self.bastions_json))
+
+        return self.bastions_json
diff --git a/visualiser/facades/ociKey.py b/visualiser/facades/ociKey.py
new file mode 100644
index 000000000..5dc16c377
--- /dev/null
+++ b/visualiser/facades/ociKey.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+"""Provide Module Description
+"""
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+__author__ = ["Andrew Hopkinson (Oracle Cloud Solutions A-Team)"]
+__version__ = "1.0.0"
+__module__ = "ociKey"
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+
+
+import oci
+
+from common.okitLogging import getLogger
+from facades.ociConnection import OCIKeyConnection
+
+# Configure logging
+logger = getLogger()
+
+
+class OCIKeys(OCIKeyConnection):
+    def __init__(self, config=None, configfile=None, profile=None, compartment_id=None):
+        self.compartment_id = compartment_id
+        self.keys_json = []
+        super(OCIKeys, self).__init__(config=config, configfile=configfile, profile=profile)
+
+    def list(self, compartment_id=None, filter=None):
+        if compartment_id is None:
+            compartment_id = self.compartment_id
+
+        # Add filter to only return AVAILABLE Compartments
+        if filter is None:
+            filter = {}
+
+        if 'lifecycle_state' not in filter:
+            filter['lifecycle_state'] = 'AVAILABLE'
+
+        keys = oci.pagination.list_call_get_all_results(self.client.list_keys, compartment_id=compartment_id).data
+
+        # Convert to Json object
+        keys_json = self.toJson(keys)
+        logger.debug(str(keys_json))
+
+        # Filter results
+        self.keys_json = self.filterJsonObjectList(keys_json, filter)
+        logger.debug(str(self.keys_json))
+
+        return self.keys_json
diff --git a/visualiser/facades/ociNetworkLoadBalancer.py b/visualiser/facades/ociNetworkLoadBalancer.py
new file mode 100644
index 000000000..df0184033
--- /dev/null
+++ b/visualiser/facades/ociNetworkLoadBalancer.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+"""Provide Module Description
+"""
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+__author__ = ["Andrew Hopkinson (Oracle Cloud Solutions A-Team)"]
+__version__ = "1.0.0"
+__module__ = "ociNetworkLoadBalancer"
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+
+
+import oci
+
+from common.okitLogging import getLogger
+from facades.ociConnection import OCINetworkLoadBalancerConnection
+
+# Configure logging
+logger = getLogger()
+
+
+class OCINetworkLoadBalancers(OCINetworkLoadBalancerConnection):
+    def __init__(self, config=None, configfile=None, profile=None, compartment_id=None):
+        self.compartment_id = compartment_id
+        self.network_load_balancers_json = []
+        super(OCINetworkLoadBalancers, self).__init__(config=config, configfile=configfile, profile=profile)
+
+    def list(self, compartment_id=None, filter=None):
+        if compartment_id is None:
+            compartment_id = self.compartment_id
+
+        # Add filter to only return AVAILABLE Compartments
+        if filter is None:
+            filter = {}
+
+        if 'lifecycle_state' not in filter:
+            filter['lifecycle_state'] = 'AVAILABLE'
+
+        network_load_balancers = oci.pagination.list_call_get_all_results(self.client.list_network_load_balancers, compartment_id=compartment_id).data
+
+        # Convert to Json object
+        network_load_balancers_json = self.toJson(network_load_balancers)
+        logger.debug(str(network_load_balancers_json))
+
+        # Filter results
+        self.network_load_balancers_json = self.filterJsonObjectList(network_load_balancers_json, filter)
+        logger.debug(str(self.network_load_balancers_json))
+
+        return self.network_load_balancers_json
diff --git a/visualiser/facades/ociNoSQL.py b/visualiser/facades/ociNoSQL.py
new file mode 100644
index 000000000..70af69592
--- /dev/null
+++ b/visualiser/facades/ociNoSQL.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+"""Provide Module Description
+"""
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+__author__ = ["Andrew Hopkinson (Oracle Cloud Solutions A-Team)"]
+__version__ = "1.0.0"
+__module__ = "ociNoSQL"
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+
+
+import oci
+
+from common.okitLogging import getLogger
+from facades.ociConnection import OCINoSQLConnection
+
+# Configure logging
+logger = getLogger()
+
+
+class OCINoSQLs(OCINoSQLConnection):
+    def __init__(self, config=None, configfile=None, profile=None, compartment_id=None):
+        self.compartment_id = compartment_id
+        self.nosqls_json = []
+        super(OCINoSQLs, self).__init__(config=config, configfile=configfile, profile=profile)
+
+    def list(self, compartment_id=None, filter=None):
+        if compartment_id is None:
+            compartment_id = self.compartment_id
+
+        # Add filter to only return AVAILABLE Compartments
+        if filter is None:
+            filter = {}
+
+        if 'lifecycle_state' not in filter:
+            filter['lifecycle_state'] = 'AVAILABLE'
+
+        nosqls = oci.pagination.list_call_get_all_results(self.client.list_nosqls, compartment_id=compartment_id).data
+
+        # Convert to Json object
+        nosqls_json = self.toJson(nosqls)
+        logger.debug(str(nosqls_json))
+
+        # Filter results
+        self.nosqls_json = self.filterJsonObjectList(nosqls_json, filter)
+        logger.debug(str(self.nosqls_json))
+
+        return self.nosqls_json
diff --git a/visualiser/facades/ociNoSQLDatabase.py b/visualiser/facades/ociNoSQLDatabase.py
new file mode 100644
index 000000000..87f067b27
--- /dev/null
+++ b/visualiser/facades/ociNoSQLDatabase.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+"""Provide Module Description
+"""
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+__author__ = ["Andrew Hopkinson (Oracle Cloud Solutions A-Team)"]
+__version__ = "1.0.0"
+__module__ = "ociNoSQLDatabase"
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+
+
+import oci
+
+from common.okitLogging import getLogger
+from facades.ociConnection import OCINoSQLDatabaseConnection
+
+# Configure logging
+logger = getLogger()
+
+
+class OCINoSQLDatabases(OCINoSQLDatabaseConnection):
+    def __init__(self, config=None, configfile=None, profile=None, compartment_id=None):
+        self.compartment_id = compartment_id
+        self.nosql_databases_json = []
+        super(OCINoSQLDatabases, self).__init__(config=config, configfile=configfile, profile=profile)
+
+    def list(self, compartment_id=None, filter=None):
+        if compartment_id is None:
+            compartment_id = self.compartment_id
+
+        # Add filter to only return AVAILABLE Compartments
+        if filter is None:
+            filter = {}
+
+        if 'lifecycle_state' not in filter:
+            filter['lifecycle_state'] = 'AVAILABLE'
+
+        nosql_databases = oci.pagination.list_call_get_all_results(self.client.list_nosql_databases, compartment_id=compartment_id).data
+
+        # Convert to Json object
+        nosql_databases_json = self.toJson(nosql_databases)
+        logger.debug(str(nosql_databases_json))
+
+        # Filter results
+        self.nosql_databases_json = self.filterJsonObjectList(nosql_databases_json, filter)
+        logger.debug(str(self.nosql_databases_json))
+
+        return self.nosql_databases_json
diff --git a/visualiser/facades/ociVault.py b/visualiser/facades/ociVault.py
new file mode 100644
index 000000000..957fc2480
--- /dev/null
+++ b/visualiser/facades/ociVault.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+
+# Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+"""Provide Module Description
+"""
+
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+__author__ = ["Andrew Hopkinson (Oracle Cloud Solutions A-Team)"]
+__version__ = "1.0.0"
+__module__ = "ociVault"
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
+
+
+import oci
+
+from common.okitLogging import getLogger
+from facades.ociConnection import OCIVaultConnection
+
+# Configure logging
+logger = getLogger()
+
+
+class OCIVaults(OCIVaultConnection):
+    def __init__(self, config=None, configfile=None, profile=None, compartment_id=None):
+        self.compartment_id = compartment_id
+        self.vaults_json = []
+        super(OCIVaults, self).__init__(config=config, configfile=configfile, profile=profile)
+
+    def list(self, compartment_id=None, filter=None):
+        if compartment_id is None:
+            compartment_id = self.compartment_id
+
+        # Add filter to only return AVAILABLE Compartments
+        if filter is None:
+            filter = {}
+
+        if 'lifecycle_state' not in filter:
+            filter['lifecycle_state'] = 'AVAILABLE'
+
+        vaults = oci.pagination.list_call_get_all_results(self.client.list_vaults, compartment_id=compartment_id).data
+
+        # Convert to Json object
+        vaults_json = self.toJson(vaults)
+        logger.debug(str(vaults_json))
+
+        # Filter results
+        self.vaults_json = self.filterJsonObjectList(vaults_json, filter)
+        logger.debug(str(self.vaults_json))
+
+        return self.vaults_json
diff --git a/visualiser/generators/okitGenerator.py b/visualiser/generators/okitGenerator.py
index ae2b4e37b..bac0bb55c 100644
--- a/visualiser/generators/okitGenerator.py
+++ b/visualiser/generators/okitGenerator.py
@@ -228,6 +228,9 @@ def generate(self):
         # -- Loadbalancers
         for loadbalancer in self.visualiser_json.get('load_balancers', []):
             self.renderLoadbalancer(loadbalancer)
+        # -- Bastions
+        for bastion in self.visualiser_json.get('bastions', []):
+            self.renderBastion(bastion)
         # # -- Exadata Infrastructures
         # for resource in self.visualiser_json.get('exadata_infrastructures', []):
         #     self.renderExadataInfrastructure(resource)
@@ -364,6 +367,46 @@ def renderAutonomousDatabase(self, resource):
         logger.debug(self.create_sequence[-1])
         return
 
+    def renderBastion(self, resource):
+        # Reset Variables
+        self.initialiseJinja2Variables()
+        display_name = resource.get("display_name", resource.get("name", "Unknown"))
+        # Read Data
+        standardisedName = self.standardiseResourceName(display_name)
+        resourceName = '{0:s}'.format(standardisedName)
+        self.jinja2_variables['resource_name'] = resourceName
+        self.jinja2_variables['output_name'] = display_name
+        # Process Virtual Cloud Networks Data
+        logger.info('Processing Bastion Information {0!s:s}'.format(standardisedName))
+        # -- Define Variables
+        # --- Read / Create
+        # ---- Read Only
+        self.jinja2_variables['read_only'] = resource.get('read_only', False)
+        # ---- Id
+        self.jinja2_variables["ocid"] = self.formatJinja2Value(resource['id'])
+        # --- Required
+        # ---- Compartment Id
+        self.jinja2_variables["compartment_id"] = self.formatJinja2IdReference(self.standardiseResourceName(self.id_name_map[resource['compartment_id']]))
+        # ---- Bastion Type
+        self.addJinja2Variable("bastion_type", resource.get("bastion_type", 'STANDARD'), standardisedName)
+        # ---- Subnet
+        self.jinja2_variables["target_subnet_id"] = self.formatJinja2IdReference(self.standardiseResourceName(self.id_name_map[resource['target_subnet_id']]))
+        # ---- Display Name
+        self.addJinja2Variable("display_name", display_name, standardisedName)
+        # ---- CIDR Blocks
+        self.jinja2_variables["client_cidr_block_allow_list"] = resource.get("client_cidr_block_allow_list", [])
+        # --- Optional
+        if resource.get("max_session_ttl_in_seconds", 0) > 0:
+            self.addJinja2Variable("max_session_ttl_in_seconds", resource.get("max_session_ttl_in_seconds", 10800), standardisedName)
+        # ---- Tags
+        self.renderTags(resource)
+
+        # -- Render Template
+        jinja2_template = self.jinja2_environment.get_template("bastion.jinja2")
+        self.create_sequence.append(jinja2_template.render(self.jinja2_variables))
+        logger.debug(self.create_sequence[-1])
+        return
+
     def renderBlockStorageVolume(self, resource):
         # Reset Variables
         self.initialiseJinja2Variables()
diff --git a/visualiser/model/okitValidation.py b/visualiser/model/okitValidation.py
index 5d0ace5b1..6534c9aea 100644
--- a/visualiser/model/okitValidation.py
+++ b/visualiser/model/okitValidation.py
@@ -29,6 +29,7 @@ def validate(self):
         logger.info('Validating OKIT Json')
         self.validateCommon()
         self.validateAutonomousDatabases()
+        self.validateBastions()
         self.validateBlockStorageVolumes()
         self.validateCompartments()
         self.validateCustomerPremiseEquipments()
@@ -129,6 +130,26 @@ def validateAutonomousDatabases(self):
                 }
                 self.results['errors'].append(error)
 
+    # Bastion
+    def validateBastions(self):
+        for resource in self.okit_json.get('bastions', []):
+            logger.info('Validating {!s}'.format(resource['display_name']))
+            for cidr_block in resource.get('client_cidr_block_allow_list', []):
+                for other_cidr_block in resource.get('client_cidr_block_allow_list', []):
+                    logger.info(f'cidr_block {cidr_block} - other_cidr_block {other_cidr_block} : {self.overlaps(cidr_block, other_cidr_block)}')
+                    if cidr_block != other_cidr_block:
+                        if self.overlaps(cidr_block, other_cidr_block):
+                            self.valid = False
+                            error = {
+                                'id': resource['id'],
+                                'type': 'Bastion',
+                                'artefact': resource['display_name'],
+                                'message': 'CIDR Block {!s} overlaps CIDR Block {!s}.'.format(cidr_block, other_cidr_block),
+                                'element': 'client_cidr_block_allow_list'
+                            }
+                            self.results['errors'].append(error)
+
+
     # Block Storage
     def validateBlockStorageVolumes(self):
         for artefact in self.okit_json.get('block_storage_volumes', []):
diff --git a/visualiser/query/ociQuery.py b/visualiser/query/ociQuery.py
index fabd2e38a..37e8180a1 100644
--- a/visualiser/query/ociQuery.py
+++ b/visualiser/query/ociQuery.py
@@ -35,6 +35,7 @@ class OCIQuery(OCIConnection):
         "AutonomousDatabase",
         "Backend",
         "BackendSet",
+        "Bastion",
         "BootVolume",
         "BootVolumeAttachment",
         "Bucket",
@@ -86,6 +87,7 @@ class OCIQuery(OCIConnection):
     ]
     DISCOVERY_OKIT_MAP = {
         "AutonomousDatabase": "autonomous_databases",
+        "Bastion": "bastions",
         #"BootVolume": "block_storage_volumes",
         "Bucket": "object_storage_buckets",
         "Cluster": "oke_clusters",
diff --git a/visualiser/templates/markdown/common_macros.jinja2 b/visualiser/templates/markdown/common_macros.jinja2
index df8a0bc84..5e4dd72e7 100644
--- a/visualiser/templates/markdown/common_macros.jinja2
+++ b/visualiser/templates/markdown/common_macros.jinja2
@@ -305,3 +305,21 @@
         {%- endif -%}
     {%- endfor -%}
 {%- endmacro -%}
+
+
+{%- macro user_property(id, title="User") -%}
+    {{ document_property(title, user_link(id)) }}
+{%- endmacro -%}
+
+{%- macro user_link(id) -%}
+    {{ property_link(user_name(id)) }}
+{%- endmacro -%}
+
+{%- macro user_name(id) -%}
+    {%- for user in users -%}
+        {%- if user.id == id -%}
+            {{ user.display_name }}
+        {%- endif -%}
+    {%- endfor -%}
+{%- endmacro -%}
+
diff --git a/visualiser/templates/markdown/group.jinja2 b/visualiser/templates/markdown/group.jinja2
new file mode 100644
index 000000000..6066b6e71
--- /dev/null
+++ b/visualiser/templates/markdown/group.jinja2
@@ -0,0 +1,14 @@
+{% import "common_macros.jinja2" as common with context %}
+{% macro document_group(resource) -%}
+{{ common.document_common_details(resource) }}
+| Property | Value    |
+| -------- | -------- |
+{{ common.document_property("Description", resource.description) }}
+    {% for user_id in resource.user_ids -%}
+        {{ common.user_property(user_id) }}
+    {% endfor %}
+{{ common.document_tags(resource) }}
+{%- endmacro %}
+{% for group in groups -%}
+    {{ document_group(group) }}
+{%- endfor %}
\ No newline at end of file
diff --git a/visualiser/templates/markdown/markdown.jinja2 b/visualiser/templates/markdown/markdown.jinja2
index 5dcda12af..26bd53409 100644
--- a/visualiser/templates/markdown/markdown.jinja2
+++ b/visualiser/templates/markdown/markdown.jinja2
@@ -157,8 +157,26 @@
 
 {%- endif %}
 
+{% if (groups is defined and groups|length > 0) or (users is defined and users|length > 0) or (policys is defined and policys|length > 0) -%}
+## Identity
+{% if (users is defined and users|length > 0) -%}
+### Users
+    {% include "user.jinja2" ignore missing with context %}
+{%- endif %}
+
+{% if (groups is defined and groups|length > 0) -%}
+### User Groups
+    {% include "group.jinja2" ignore missing with context %}
+{%- endif %}
+
+{% if (policys is defined and policys|length > 0) -%}
+### Policies
+    {% include "policy.jinja2" ignore missing with context %}
+{%- endif %}
+{%- endif %}
+
 {% if user_defined is defined and user_defined.terraform is defined and user_defined.terraform|length > 0 -%}
-### User Defined Terraform 
+## User Defined Terraform 
 ```terraform
 {{ user_defined.terraform|safe }}
 ```
diff --git a/visualiser/templates/markdown/policy.jinja2 b/visualiser/templates/markdown/policy.jinja2
new file mode 100644
index 000000000..0e5768f97
--- /dev/null
+++ b/visualiser/templates/markdown/policy.jinja2
@@ -0,0 +1,14 @@
+{% import "common_macros.jinja2" as common with context %}
+{% macro document_policy(resource) -%}
+{{ common.document_common_details(resource) }}
+{{ common.document_common_properties(resource) }}
+{{ common.document_property("Description", resource.description) }}
+{{ common.document_property("Version Date", resource.version_date) }}
+    {% for statement in resource.statements -%}
+        {{ common.document_property("Statement", statement) }}
+    {% endfor %}
+{{ common.document_tags(resource) }}
+{%- endmacro %}
+{% for policy in policys -%}
+    {{ document_policy(policy) }}
+{%- endfor %}
\ No newline at end of file
diff --git a/visualiser/templates/markdown/user.jinja2 b/visualiser/templates/markdown/user.jinja2
new file mode 100644
index 000000000..cf264c998
--- /dev/null
+++ b/visualiser/templates/markdown/user.jinja2
@@ -0,0 +1,9 @@
+{% import "common_macros.jinja2" as common with context %}
+{% macro document_user(resource) -%}
+{{ "| %-15s | %-15s | %s |" | format(resource.display_name, resource.email, resource.description) }}
+{%- endmacro %}
+| User Name | Email          | Description    |
+| --------- | -------------- | -------------- |
+{% for user in users -%}
+    {{ document_user(user) }}
+{% endfor %}
\ No newline at end of file
diff --git a/visualiser/templates/markdown/users.jinja2 b/visualiser/templates/markdown/users.jinja2
new file mode 100644
index 000000000..b8bad0973
--- /dev/null
+++ b/visualiser/templates/markdown/users.jinja2
@@ -0,0 +1,9 @@
+{% import "common_macros.jinja2" as common with context %}
+{% macro document_user(resource) -%}
+{{ common.document_property(resource.display_name, resource.description) }}
+{%- endmacro %}
+| User Name | Description    |
+| --------- | -------------- |
+{% for user in users -%}
+    {{ document_user(user) }}
+{% endfor %}
\ No newline at end of file
diff --git a/visualiser/templates/terraform/bastion.jinja2 b/visualiser/templates/terraform/bastion.jinja2
new file mode 100644
index 000000000..0586660b9
--- /dev/null
+++ b/visualiser/templates/terraform/bastion.jinja2
@@ -0,0 +1,39 @@
+{% if read_only %}
+# ------ Read Bastion
+data "oci_bastion_bastion" "{{ resource_name }}" {
+    # Required
+    compartment_id  = {{ compartment_ocid }}
+    bastion_id = {{ ocid | safe }}
+}
+
+locals {
+    {{ resource_name }}_id            = data.oci_bastion_bastion.{{ resource_name }}.id
+}
+{% else %}
+# ------ Create Bastion
+resource "oci_bastion_bastion" "{{ resource_name }}" {
+    #Required
+    compartment_id = {{ compartment_id }}
+    bastion_type = {{ bastion_type | safe }}
+    target_subnet_id = {{ target_subnet_id | safe }}
+
+    #Optional
+    name = {{ display_name | safe }}
+    client_cidr_block_allow_list    = [{% for cidr_block in client_cidr_block_allow_list %}"{{ cidr_block }}"{% if not loop.last %},{% endif %}{% endfor %}]
+{% if max_session_ttl_in_seconds is defined %}
+    max_session_ttl_in_seconds = {{ max_session_ttl_in_seconds | safe }}
+{% endif %}
+{% if phone_book_entry is defined %}
+    phone_book_entry = {{ phone_book_entry | safe }}
+{% endif %}
+{% if static_jump_host_ip_addresses is defined %}
+    static_jump_host_ip_addresses = {{ static_jump_host_ip_addresses | safe }}
+{% endif %}
+{% if defined_tags is defined %}
+        defined_tags     = {{ defined_tags | safe }}
+{% endif %}
+{% if freeform_tags is defined %}
+        freeform_tags    = {{ freeform_tags | safe }}
+{% endif %}
+}
+{% endif %}