diff --git a/README.md b/README.md
index 219eb8b..adf2b39 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,8 @@ In behind coreOS and docker is used.
 module "account" {
 source = "zoitech/concourse/aws"
 instance_name = "concourse"
- instance_sg_id = "${aws_security_group.allow_all.id}"
+ instance_sg_id = "${aws_security_group.group_concourse.id}"
+ alb_sg_id = "${aws_security_group.allow_all.id}"
 concourse_username = "concourse"
 concourse_password = "Sup3rS3cur3"
 instance_key_name = "my_key"
diff --git a/ec2_alb.tf b/ec2_alb.tf
index 7d88cec..edf938f 100644
--- a/ec2_alb.tf
+++ b/ec2_alb.tf
@@ -14,7 +14,7 @@ resource "aws_lb_target_group_attachment" "concourse" {
 resource "aws_lb" "concourse" {
 name = "${var.prefix}-concourse-alb"
 internal = false
- security_groups = ["${aws_security_group.GroupLB.id}","${var.instance_sg_id}"]
+ security_groups = ["${aws_security_group.GroupLB.id}","${var.alb_sg_id}"]
 subnets = ["${var.public_sn_a}","${var.public_sn_b}"]
 enable_deletion_protection = false
diff --git a/ec2_instance.tf b/ec2_instance.tf
index dbdeab2..ee1496d 100644
--- a/ec2_instance.tf
+++ b/ec2_instance.tf
@@ -15,7 +15,7 @@ data "aws_ami" "coreos" {
 resource "aws_instance" "ec2_linux_instance" {
 ami = "${data.aws_ami.coreos.id}"
 instance_type = "${var.instance_size}"
- vpc_security_group_ids = ["${aws_security_group.RuleGroupLBHttpIn.id}"]
+ vpc_security_group_ids = ["${aws_security_group.RuleGroupLBHttpIn.id}", "${var.instance_sg_id}"]
 subnet_id = "${var.private_sn_a}"
 key_name = "${var.instance_key_name}"
 user_data = "${replace(data.template_file.userdata.rendered,"/\\r/","")}"
diff --git a/variables.tf b/variables.tf
index ad82ac4..9093db9 100644
--- a/variables.tf
+++ b/variables.tf
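Review bot: In `security_groups` of `aws_lb.concourse`, `"${var.alb_sg_id}"` is written as one element beside `GroupLB.id`, although variables.tf in this commit declares `alb_sg_id` as `type = "list"`, so the line appears to rely on Terraform flattening a list nested inside the brackets. Making the list handling explicit reads better and is easier to migrate: `security_groups = ["${concat(list(aws_security_group.GroupLB.id), var.alb_sg_id)}"]`. The same pattern is introduced for `vpc_security_group_ids` in ec2_instance.tf with `var.instance_sg_id`. Because this load balancer is `internal = false`, a comment above the line such as `# caller-supplied groups are attached to the internet-facing ALB; keep their ingress limited to the listener ports` would help the next reader; the resource body continues outside the hunk.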
@@ -44,13 +44,20 @@ variable "instance_name" {
 description = "The name of the Instance."
 }
 variable "instance_sg_id" {
- description = "The Security Group ID which should be attached to the Instance."
+ type = "list"
+ description = "The Security Group ID/s which should be attached to the Instance."
 }
 variable "instance_size" {
 description = "The size of the Instance's disk."
 default = "t2.medium"
 }
+# Loadbalancer
+variable "alb_sg_id" {
+ type = "list"
+ description = "The Security Group ID/s which should be attached to the Loadbalancer."
+}
+
 # Role
 variable "role_policies" {
 description = "The policies which would be attached to the EC2 Role."
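Review bot: Both `instance_sg_id` and the new `alb_sg_id` are declared `type = "list"`, yet the README example updated in this same commit still passes a bare string to each (`instance_sg_id = "${aws_security_group.group_concourse.id}"`), which a list-typed variable will presumably reject. The README lines should wrap the value, for example `alb_sg_id = ["${aws_security_group.allow_all.id}"]`, and because `instance_sg_id` previously carried no type and was used as a single element, the change looks breaking for existing callers and deserves a changelog entry. The `alb_sg_id` description could also state that these groups are attached to the public load balancer (ec2_alb.tf sets `internal = false`), so that callers understand whatever ingress those groups allow is reachable from outside the VPC.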