diff --git a/aws/resource_aws_ssm_association.go b/aws/resource_aws_ssm_association.go
index 7a93f96a88b..2cb8d04ba6d 100644
--- a/aws/resource_aws_ssm_association.go
+++ b/aws/resource_aws_ssm_association.go
@@ -7,6 +7,7 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/ssm"
 	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/helper/validation"
 )
 
 func resourceAwsSsmAssociation() *schema.Resource {
@@ -88,6 +89,17 @@ func resourceAwsSsmAssociation() *schema.Resource {
 					},
 				},
 			},
+			"compliance_severity": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ValidateFunc: validation.StringInSlice([]string{
+					ssm.ComplianceSeverityUnspecified,
+					ssm.ComplianceSeverityLow,
+					ssm.ComplianceSeverityMedium,
+					ssm.ComplianceSeverityHigh,
+					ssm.ComplianceSeverityCritical,
+				}, false),
+			},
 		},
 	}
 }
@@ -129,6 +141,10 @@ func resourceAwsSsmAssociationCreate(d *schema.ResourceData, meta interface{}) e
 		associationInput.OutputLocation = expandSSMAssociationOutputLocation(v.([]interface{}))
 	}
 
+	if v, ok := d.GetOk("compliance_severity"); ok {
+		associationInput.ComplianceSeverity = aws.String(v.(string))
+	}
+
 	resp, err := ssmconn.CreateAssociation(associationInput)
 	if err != nil {
 		return fmt.Errorf("Error creating SSM association: %s", err)
@@ -174,6 +190,7 @@ func resourceAwsSsmAssociationRead(d *schema.ResourceData, meta interface{}) err
 	d.Set("association_id", association.AssociationId)
 	d.Set("schedule_expression", association.ScheduleExpression)
 	d.Set("document_version", association.DocumentVersion)
+	d.Set("compliance_severity", association.ComplianceSeverity)
 
 	if err := d.Set("targets", flattenAwsSsmTargets(association.Targets)); err != nil {
 		return fmt.Errorf("Error setting targets error: %#v", err)
@@ -220,6 +237,10 @@ func resourceAwsSsmAssociationUpdate(d *schema.ResourceData, meta interface{}) e
 		associationInput.OutputLocation = expandSSMAssociationOutputLocation(v.([]interface{}))
 	}
 
+	if v, ok := d.GetOk("compliance_severity"); ok {
+		associationInput.ComplianceSeverity = aws.String(v.(string))
+	}
+
 	_, err := ssmconn.UpdateAssociation(associationInput)
 	if err != nil {
 		return fmt.Errorf("Error updating SSM association: %s", err)
diff --git a/aws/resource_aws_ssm_association_test.go b/aws/resource_aws_ssm_association_test.go
index 02842adcdf5..7fb626830b7 100644
--- a/aws/resource_aws_ssm_association_test.go
+++ b/aws/resource_aws_ssm_association_test.go
@@ -307,6 +307,41 @@ func TestAccAWSSSMAssociation_withScheduleExpression(t *testing.T) {
 	})
 }
 
+func TestAccAWSSSMAssociation_withComplianceSeverity(t *testing.T) {
+	assocName := acctest.RandString(10)
+	rName := acctest.RandString(10)
+	compSeverity1 := "HIGH"
+	compSeverity2 := "LOW"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSSSMAssociationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSSSMAssociationBasicConfigWithComplianceSeverity(compSeverity1, rName, assocName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSSSMAssociationExists("aws_ssm_association.foo"),
+					resource.TestCheckResourceAttr(
+						"aws_ssm_association.foo", "association_name", assocName),
+					resource.TestCheckResourceAttr(
+						"aws_ssm_association.foo", "compliance_severity", compSeverity1),
+				),
+			},
+			{
+				Config: testAccAWSSSMAssociationBasicConfigWithComplianceSeverity(compSeverity2, rName, assocName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSSSMAssociationExists("aws_ssm_association.foo"),
+					resource.TestCheckResourceAttr(
+						"aws_ssm_association.foo", "association_name", assocName),
+					resource.TestCheckResourceAttr(
+						"aws_ssm_association.foo", "compliance_severity", compSeverity2),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckAWSSSMAssociationExists(n string) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[n]
@@ -887,3 +922,40 @@ resource "aws_ssm_association" "test" {
 }
 `, rName, associationName, scheduleExpression)
 }
+
+func testAccAWSSSMAssociationBasicConfigWithComplianceSeverity(compSeverity, rName, assocName string) string {
+	return fmt.Sprintf(`
+resource "aws_ssm_document" "foo_document" {
+  name = "test_document_association-%s"
+  document_type = "Command"
+  content = <<DOC
+  {
+    "schemaVersion": "1.2",
+    "description": "Check ip configuration of a Linux instance.",
+    "parameters": {
+    },
+    "runtimeConfig": {
+      "aws:runShellScript": {
+        "properties": [
+          {
+            "id": "0.aws:runShellScript",
+            "runCommand": ["ifconfig"]
+          }
+        ]
+      }
+    }
+  }
+DOC
+}
+
+resource "aws_ssm_association" "foo" {
+  name = "${aws_ssm_document.foo_document.name}"
+  association_name = "%s"
+  compliance_severity = "%s"
+  targets {
+    key = "tag:Name"
+    values = ["acceptanceTest"]
+  }
+}
+`, rName, assocName, compSeverity)
+}
diff --git a/website/docs/r/ssm_association.html.markdown b/website/docs/r/ssm_association.html.markdown
index e078648855d..f48806ccabc 100644
--- a/website/docs/r/ssm_association.html.markdown
+++ b/website/docs/r/ssm_association.html.markdown
@@ -35,6 +35,7 @@ The following arguments are supported:
 * `parameters` - (Optional) A block of arbitrary string parameters to pass to the SSM document.
 * `schedule_expression` - (Optional) A cron expression when the association will be applied to the target(s).
 * `targets` - (Optional) A block containing the targets of the SSM association. Targets are documented below. AWS currently supports a maximum of 5 targets.
+* `compliance_severity` - (Optional) The compliance severity for the association. Can be one of the following: `UNSPECIFIED`, `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`
 
 Output Location (`output_location`) is an S3 bucket where you want to store the results of this association: