diff --git a/terraform/security-group.tf b/terraform/security-group.tf
new file mode 100644
index 0000000..9b26be9
--- /dev/null
+++ b/terraform/security-group.tf
@@ -0,0 +1,24 @@
+resource "aws_security_group" "lb" {
+  name     = "sbf-exchangerate-${var.ENV}-alb-sg"
+  description = "Allow TLS inbound traffic"
+  vpc_id      = var.vpc_id
+
+  ingress {
+    description = "HTTP from ALL"
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name = "allow_tls"
+  }
+}
\ No newline at end of file