diff --git a/graceful_shutdown.tf b/graceful_shutdown.tf
index 676c0e3..eff0579 100644
--- a/graceful_shutdown.tf
+++ b/graceful_shutdown.tf
@@ -8,3 +8,12 @@ resource "aws_autoscaling_lifecycle_hook" "graceful_shutdown_asg_hook" {
   heartbeat_timeout      = "${var.heartbeat_timeout}"
   lifecycle_transition   = "autoscaling:EC2_INSTANCE_TERMINATING"
 }
+
+resource "aws_autoscaling_lifecycle_hook" "graceful_shutdown_asg_hook_second" {
+  count                  = "${var.second_asg_servers > 0 ? 1 : 0}"
+  name                   = "graceful_shutdown_asg"
+  autoscaling_group_name = "${aws_autoscaling_group.ecs_second.name}"
+  default_result         = "CONTINUE"
+  heartbeat_timeout      = "${var.heartbeat_timeout}"
+  lifecycle_transition   = "autoscaling:EC2_INSTANCE_TERMINATING"
+}
diff --git a/main.tf b/main.tf
index f550420..5d6dbd9 100644
--- a/main.tf
+++ b/main.tf
@@ -48,6 +48,32 @@ resource "aws_launch_configuration" "ecs" {
   }
 }
 
+# Optional Second Launch Config for the optional Second ASG
+resource "aws_launch_configuration" "ecs_second" {
+  count                       = "${var.second_asg_servers > 0 ? 1 : 0}"
+  name_prefix                 = "${coalesce(var.name_prefix, "ecs-second-${var.name}-")}"
+  image_id                    = "${var.second_asg_ami == "" ? format("%s", data.aws_ami.ecs_ami.id) : var.second_asg_ami}"   # Workaround until 0.9.6
+  instance_type               = "${var.instance_type}"
+  key_name                    = "${var.key_name}"
+  iam_instance_profile        = "${aws_iam_instance_profile.ecs_profile.name}"
+  security_groups             = ["${concat(list(aws_security_group.ecs.id), var.security_group_ids)}"]
+  associate_public_ip_address = "${var.associate_public_ip_address}"
+  spot_price                  = "${var.spot_bid_price}"
+
+  ebs_block_device {
+    device_name           = "${var.ebs_block_device}"
+    volume_size           = "${var.docker_storage_size}"
+    volume_type           = "gp2"
+    delete_on_termination = true
+  }
+
+  user_data = "${coalesce(var.user_data, data.template_file.user_data.rendered)}"
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
 resource "aws_autoscaling_group" "ecs" {
   name_prefix          = "asg-${aws_launch_configuration.ecs.name}-"
   vpc_zone_identifier  = ["${var.subnet_id}"]
@@ -76,6 +102,36 @@ resource "aws_autoscaling_group" "ecs" {
   }
 }
 
+# Optional Second ASG
+resource "aws_autoscaling_group" "ecs_second" {
+  count                = "${var.second_asg_servers > 0 ? 1 : 0}"
+  name_prefix          = "asg-second-${aws_launch_configuration.ecs_second.name}-"
+  vpc_zone_identifier  = ["${var.subnet_id}"]
+  launch_configuration = "${aws_launch_configuration.ecs_second.name}"
+  min_size             = "${var.second_asg_min_servers}"
+  max_size             = "${var.second_asg_max_servers}"
+  desired_capacity     = "${var.second_asg_servers}"
+  termination_policies = ["OldestLaunchConfiguration", "ClosestToNextInstanceHour", "Default"]
+  load_balancers       = ["${var.load_balancers}"]
+  enabled_metrics      = ["${var.enabled_metrics}"]
+
+  tags = [{
+    key                 = "Name"
+    value               = "${var.name} ${var.tagName} Second"
+    propagate_at_launch = true
+  }]
+
+  tags = ["${var.extra_tags}"]
+
+  lifecycle {
+    create_before_destroy = true
+  }
+
+  timeouts {
+    delete = "${var.heartbeat_timeout + var.asg_delete_extra_timeout}s"
+  }
+}
+
 resource "aws_security_group" "ecs" {
   name        = "ecs-sg-${var.name}"
   description = "Container Instance Allowed Ports"
@@ -85,14 +141,14 @@ resource "aws_security_group" "ecs" {
     from_port   = 0
     to_port     = 65535
     protocol    = "tcp"
-    cidr_blocks = "${var.allowed_cidr_blocks}"
+    cidr_blocks = ["${var.allowed_cidr_blocks}"]
   }
 
   ingress {
     from_port   = 0
     to_port     = 65535
     protocol    = "udp"
-    cidr_blocks = "${var.allowed_cidr_blocks}"
+    cidr_blocks = ["${var.allowed_cidr_blocks}"]
   }
 
   egress {
diff --git a/variables.tf b/variables.tf
index 02a7c0d..85baedb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -12,6 +12,10 @@ variable "ami" {
   default = ""
 }
 
+variable "second_asg_ami" {
+  default = ""
+}
+
 variable "ami_version" {
   default = "*"
 }
@@ -100,11 +104,21 @@ variable "min_servers" {
   default     = 1
 }
 
+variable "second_asg_min_servers" {
+  description = "Minimum number of ECS servers to run in the Second ASG."
+  default     = 1
+}
+
 variable "max_servers" {
   description = "Maximum number of ECS servers to run."
   default     = 10
 }
 
+variable "second_asg_max_servers" {
+  description = "Maximum number of ECS servers to run in the Second ASG."
+  default     = 10
+}
+
 variable "name" {
   description = "AWS ECS Cluster Name"
 }
@@ -139,6 +153,11 @@ variable "servers" {
   description = "The number of servers to launch."
 }
 
+variable "second_asg_servers" {
+  default     = "0"
+  description = "The number of servers to launch in the Second ASG, default 0 (in which case the Second ASG is not created)."
+}
+
 variable "spot_bid_price" {
   default     = ""
   description = "If specified, spot instances will be requested at this bid price.  If not specified, on-demand instances will be used."