diff --git a/README.md b/README.md
index cb260dc..19c023a 100644
--- a/README.md
+++ b/README.md
@@ -89,6 +89,7 @@ PS: In some cases you may consider adding flag `-A` to ssh command to enable for
 | ami |  | string | n/a | yes |
 | apply\_changes\_immediately | Whether to apply the changes at once and recreate auto-scaling group | string | `"false"` | no |
 | associate\_public\_ip\_address |  | string | `"false"` | no |
+| aws\_security\_group\_description |  | string | `"Bastion security group (only SSH inbound access is allowed)"` | no |
 | eip |  | string | `""` | no |
 | enable\_hourly\_cron\_updates |  | string | `"false"` | no |
 | enable\_monitoring |  | string | `"true"` | no |
diff --git a/main.tf b/main.tf
index 65c004d..68f64f4 100644
--- a/main.tf
+++ b/main.tf
@@ -1,7 +1,7 @@
 resource "aws_security_group" "bastion" {
   name        = var.name
   vpc_id      = var.vpc_id
-  description = "Bastion security group (only SSH inbound access is allowed)"
+  description = var.aws_security_group_description
 
   tags = {
     Name = var.name
diff --git a/variables.tf b/variables.tf
index 5bf0798..f3f83ac 100644
--- a/variables.tf
+++ b/variables.tf
@@ -114,3 +114,7 @@ variable "apply_changes_immediately" {
   default     = false
 }
 
+variable "aws_security_group_description" {
+  default = "Bastion security group (only SSH inbound access is allowed)"
+}
+