diff --git a/website/source/docs/providers/aws/r/security_group.html.markdown b/website/source/docs/providers/aws/r/security_group.html.markdown
index 65c96e648..e1db4b1d9 100644
--- a/website/source/docs/providers/aws/r/security_group.html.markdown
+++ b/website/source/docs/providers/aws/r/security_group.html.markdown
@@ -74,7 +74,9 @@ The `ingress` block supports:
 * `cidr_blocks` - (Optional) List of CIDR blocks. Cannot be used with `security_groups`.
 * `from_port` - (Required) The start port.
 * `protocol` - (Required) The protocol.
-* `security_groups` - (Optional) List of security group IDs. Cannot be used with `cidr_blocks`.
+* `security_groups` - (Optional) List of security group Group Names if using
+    EC2-Classic or the default VPC, or Group IDs if using a non-default VPC.
+    Cannot be used with `cidr_blocks`.
 * `self` - (Optional) If true, the security group itself will be added as
      a source to this ingress rule.
 * `to_port` - (Required) The end range port.
@@ -84,7 +86,9 @@ The `egress` block supports:
 * `cidr_blocks` - (Optional) List of CIDR blocks. Cannot be used with `security_groups`.
 * `from_port` - (Required) The start port.
 * `protocol` - (Required) The protocol.
-* `security_groups` - (Optional) List of security group IDs. Cannot be used with `cidr_blocks`.
+* `security_groups` - (Optional) List of security group Group Names if using
+    EC2-Classic or the default VPC, or Group IDs if using a non-default VPC.
+    Cannot be used with `cidr_blocks`.
 * `self` - (Optional) If true, the security group itself will be added as
      a source to this egress rule.
 * `to_port` - (Required) The end range port.