diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go
index 77132f4e13c4..0af4cb688026 100644
--- a/aws/resource_aws_security_group_rule.go
+++ b/aws/resource_aws_security_group_rule.go
@@ -28,6 +28,10 @@ func resourceAwsSecurityGroupRule() *schema.Resource {
 		SchemaVersion: 2,
 		MigrateState:  resourceAwsSecurityGroupRuleMigrateState,
 
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(5 * time.Minute),
+		},
+
 		Schema: map[string]*schema.Schema{
 			"type": {
 				Type:        schema.TypeString,
@@ -196,7 +200,7 @@ information and instructions for recovery. Error message: %s`, sg_id, awsErr.Mes
 	id := ipPermissionIDHash(sg_id, ruleType, perm)
 	log.Printf("[DEBUG] Computed group rule ID %s", id)
 
-	retErr := resource.Retry(5*time.Minute, func() *resource.RetryError {
+	retErr := resource.Retry(d.Timeout(schema.TimeoutRead), func() *resource.RetryError {
 		sg, err := findResourceSecurityGroup(conn, sg_id)
 
 		if err != nil {
diff --git a/website/docs/r/security_group_rule.html.markdown b/website/docs/r/security_group_rule.html.markdown
index 1cc7f982c0d2..ca4c8dda16fa 100644
--- a/website/docs/r/security_group_rule.html.markdown
+++ b/website/docs/r/security_group_rule.html.markdown
@@ -87,3 +87,10 @@ In addition to all arguments above, the following attributes are exported:
 * `to_port` - The end port (or ICMP code if protocol is "icmp")
 * `protocol` – The protocol used
 * `description` – Description of the rule
+
+## Timeouts
+
+`aws_security_group_rule` provides the following [Timeouts](/docs/configuration/resources.html#timeouts)
+configuration options:
+
+- `read` - (Default `5 minutes`) How long to wait for reading a rsecurity group rule.