diff --git a/README.md b/README.md index d9065e0..0c61c74 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,9 @@ Provisioning scripts for an Active Directory lab environment. Designed to be dep ## Setup -The lab is provisioned automatically using Terraform and Ansible. First, Terraform deploys all the infrastructure and prepares the machines for provisioning. It then kicks off a role-based Ansible playbook from the Debian attacker machine to provision the Windows-based machines. +The lab is provisioned automatically using Terraform and Ansible. First, Terraform deploys all the infrastructure and prepares the machines for provisioning. It then kicks off a role-based Ansible playbook from the Debian attacker machine to provision the Windows-based machines. The full process takes about 15 to 20 minutes to complete. -**In the default setup, the lab takes approximately 15-20 minutes to provision, and costs about €1 per day to run on Azure.** +> 💸 **Note:** The machine sizes are moderately large by default ('Standard_B4ms'). In my testing the bill was approx. €10 per day of active use, your mileage may vary. Change the appropriate 'size' settings in `terraform.tfvars` to change machine sizes. ### Deployment diff --git a/Terraform/03-dc.tf b/Terraform/03-dc.tf index 46b9a18..5c31ffc 100644 --- a/Terraform/03-dc.tf +++ b/Terraform/03-dc.tf @@ -16,7 +16,7 @@ resource "azurerm_network_interface" "cloudlabs-vm-dc-nic" { resource "azurerm_windows_virtual_machine" "cloudlabs-vm-dc" { name = "CloudLabs-vm-dc" computer_name = var.dc-hostname - size = "Standard_B4ms" + size = var.dc-size provision_vm_agent = true enable_automatic_updates = true resource_group_name = data.azurerm_resource_group.cloudlabs-rg.name diff --git a/Terraform/04-winserv2019.tf b/Terraform/04-winserv2019.tf index 653c9f2..2f1651b 100644 --- a/Terraform/04-winserv2019.tf +++ b/Terraform/04-winserv2019.tf 
@@ -22,7 +22,7 @@ resource "azurerm_network_interface_nat_rule_association" "cloudlabs-vm-winserv2
 resource "azurerm_windows_virtual_machine" "cloudlabs-vm-winserv2019" {
 name = "CloudLabs-vm-winserv2019"
 computer_name = var.winserv2019-hostname
- size = "Standard_B4ms"
+ size = var.winserv2019-size
 provision_vm_agent = true
 enable_automatic_updates = true
 resource_group_name = data.azurerm_resource_group.cloudlabs-rg.name
diff --git a/Terraform/05-windows10.tf b/Terraform/05-windows10.tf
index ed6b945..f430a35 100644
--- a/Terraform/05-windows10.tf
+++ b/Terraform/05-windows10.tf
@@ -22,7 +22,7 @@ resource "azurerm_network_interface_nat_rule_association" "cloudlabs-vm-windows1
 resource "azurerm_windows_virtual_machine" "cloudlabs-vm-windows10" {
 name = "CloudLabs-vm-windows10"
 computer_name = var.win10-hostname
- size = "Standard_B4ms"
+ size = var.win10-size
 provision_vm_agent = true
 enable_automatic_updates = true
 resource_group_name = data.azurerm_resource_group.cloudlabs-rg.name
diff --git a/Terraform/06-elastic.tf b/Terraform/06-elastic.tf
index afd6cd2..854bfae 100644
--- a/Terraform/06-elastic.tf
+++ b/Terraform/06-elastic.tf
@@ -18,7 +18,7 @@ resource "azurerm_linux_virtual_machine" "cloudlabs-vm-elastic" {
 computer_name = var.elastic-hostname
 resource_group_name = data.azurerm_resource_group.cloudlabs-rg.name
 location = data.azurerm_resource_group.cloudlabs-rg.location
- size = "Standard_D4ds_v5"
+ size = var.elastic-size
 disable_password_authentication = false
 admin_username = var.linux-user
 admin_password = random_string.linuxpass.result
diff --git a/Terraform/07-hackbox.tf b/Terraform/07-hackbox.tf
index e40e451..3279d42 100644
--- a/Terraform/07-hackbox.tf
+++ b/Terraform/07-hackbox.tf
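Review bot: The context lines of the Terraform/06-elastic.tf hunk show the Linux admin password coming from `random_string.linuxpass.result` with `disable_password_authentication = false`, and the Terraform/07-hackbox.tf hunk shows the same pair. Terraform does not treat `random_string` results as sensitive, so the value can be printed in plan and apply output and end up in CI logs or terminal scrollback; the `random_password` resource takes the same arguments and marks its result sensitive. The definition of `linuxpass` is outside this diff and both resource blocks start and end outside their hunks, so this is inferred from the reference alone. If the lab does not rely on the password being displayed, I would switch both VMs to `admin_password = random_password.linuxpass.result`. Either way the value is written to the Terraform state, so the state file needs the same protection as the credential itself.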
@@ -24,7 +24,7 @@ resource "azurerm_linux_virtual_machine" "cloudlabs-vm-hackbox" {
 computer_name = var.hackbox-hostname
 resource_group_name = data.azurerm_resource_group.cloudlabs-rg.name
 location = data.azurerm_resource_group.cloudlabs-rg.location
- size = "Standard_B2s"
+ size = var.hackbox-size
 disable_password_authentication = false
 admin_username = var.linux-user
 admin_password = random_string.linuxpass.result
diff --git a/Terraform/terraform.tfvars.example b/Terraform/terraform.tfvars.example
index fca1bf8..72f680b 100644
--- a/Terraform/terraform.tfvars.example
+++ b/Terraform/terraform.tfvars.example
@@ -9,10 +9,15 @@ ip-whitelist = ["1.2.3.4/32", "8.8.8.0/24"]
 timezone = "W. Europe Standard Time"
 domain-name-label = "cloudlabs"
 domain-dns-name = "cloud.labs"
+windows-user = "labadmin"
+linux-user = "labadmin"
 hackbox-hostname = "hackbox"
 elastic-hostname = "elastic"
 dc-hostname = "dc"
 winserv2019-hostname = "winserv2019"
 win10-hostname = "win10"
-windows-user = "labadmin"
-linux-user = "labadmin"
\ No newline at end of file
+win10-size = "Standard_B4ms"
+winserv2019-size = "Standard_B4ms"
+dc-size = "Standard_B4ms"
+elastic-size = "Standard_B4ms"
+hackbox-size = "Standard_B4ms"
\ No newline at end of file
diff --git a/Terraform/variables.tf b/Terraform/variables.tf
index 2fb6b02..6c6e722 100644
--- a/Terraform/variables.tf
+++ b/Terraform/variables.tf
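Review bot: The example values in Terraform/terraform.tfvars.example do not reproduce the sizes this commit removes: `elastic-size` and `hackbox-size` are both `"Standard_B4ms"`, while the hard-coded values were `"Standard_D4ds_v5"` in 06-elastic.tf and `"Standard_B2s"` in 07-hackbox.tf, and the `default` lines in Terraform/variables.tf make the same switch. So this is not a pure refactor: the attacker VM gets larger and more expensive, and the Elastic VM moves to a burstable series, which may throttle under sustained log ingestion and delay the telemetry the lab depends on. If that is not intended, keep the previous behaviour with `elastic-size = "Standard_D4ds_v5"` and `hackbox-size = "Standard_B2s"` here and in the matching defaults. If it is intended, the commit message should say so.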
@@ -32,30 +32,60 @@ variable "hackbox-hostname" {
 default = "hackbox"
 }
 
+variable "hackbox-size" {
+ type = string
+ description = "The machine size of the attacker VM."
+ default = "Standard_B4ms"
+}
+
 variable "elastic-hostname" {
 type = string
 description = "The hostname of the Elastic VM."
 default = "elastic"
 }
 
+variable "elastic-size" {
+ type = string
+ description = "The machine size of the Elastic VM."
+ default = "Standard_B4ms"
+}
+
 variable "dc-hostname" {
 type = string
 description = "The hostname of the Windows Server 2016 DC VM."
 default = "dc"
 }
 
+variable "dc-size" {
+ type = string
+ description = "The machine size of the Windows Server 2016 DC VM."
+ default = "Standard_B4ms"
+}
+
 variable "winserv2019-hostname" {
 type = string
 description = "The hostname of the Windows Server 2019 VM."
 default = "winserv2019"
 }
 
+variable "winserv2019-size" {
+ type = string
+ description = "The machine size of the Windows Server 2019 VM."
+ default = "Standard_B4ms"
+}
+
 variable "win10-hostname" {
 type = string
 description = "The hostname of the Windows 10 VM."
 default = "win10"
 }
 
+variable "win10-size" {
+ type = string
+ description = "The machine size of the Windows 10 VM."
+ default = "Standard_B4ms"
+}
+
 variable "windows-user" {
 type = string
 description = "The local administrative username for Windows machines. Password will be generated."
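Review bot: None of the five new `*-size` variables in Terraform/variables.tf is validated, so a typo in terraform.tfvars is likely to surface only when Azure rejects the VM during apply, possibly after other resources have already been created. A `validation` block on each variable would move that failure to plan time, for example with `condition = can(regex("^[A-Za-z]+_[A-Za-z0-9_-]+$", var.hackbox-size))` and a matching `error_message`. The descriptions could also name the expected format, e.g. `description = "Azure VM size (SKU name) of the attacker VM, e.g. Standard_B2s."`. The `windows-user` block at the end of the hunk continues outside it.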