diff --git a/alb.tf b/alb.tf
index a730086..630984f 100644
--- a/alb.tf
+++ b/alb.tf
@@ -1,5 +1,6 @@
 resource "aws_alb" "ingress" {
   name            = local.alb_name
+  internal        = local.internal
   security_groups = [aws_security_group.alb.id]
   subnets         = local.public_subnets
 
@@ -13,4 +14,4 @@ resource "aws_alb" "ingress" {
   }
 
   tags = local.tags
-}
\ No newline at end of file
+}
diff --git a/variables.tf b/variables.tf
index 31971ae..92ef9dc 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,5 +1,12 @@
 variable "name" {
   description = "Name of load balancer. Also used in security group name."
+  type        = string
+}
+
+variable "internal" {
+  description = "Type of LoadBalancer"
+  type        = bool
+  default     = false
 }
 
 variable "public_subnets" {
@@ -42,15 +49,16 @@ data "aws_subnet" "public_1" {
 }
 
 locals {
-  name                 = var.name
-  alb_name             = replace(local.name, " ", "-")
-  public_subnets       = var.public_subnets
-  http_ports           = var.http_ports
-  https_ports          = var.https_ports
-  all_ports            = concat(local.https_ports, local.http_ports)
-  vpc_id               = data.aws_subnet.public_1.vpc_id
-  target_cidr_blocks   = var.target_cidr_blocks
-  alb_certificate_arn  = var.certificate_arn
+  name                = var.name
+  internal            = var.internal
+  alb_name            = replace(local.name, " ", "-")
+  public_subnets      = var.public_subnets
+  http_ports          = var.http_ports
+  https_ports         = var.https_ports
+  all_ports           = concat(local.https_ports, local.http_ports)
+  vpc_id              = data.aws_subnet.public_1.vpc_id
+  target_cidr_blocks  = var.target_cidr_blocks
+  alb_certificate_arn = var.certificate_arn
 
   // magic to get map of port to listener arn pairs
   listener_http_ports  = aws_alb_listener.http.*.port
@@ -61,13 +69,12 @@ locals {
   listener_https_map   = zipmap(local.listener_https_ports, local.listener_https_arn)
   listeners            = merge(local.listener_http_map, local.listener_https_map)
 
-  access_logs_enable   = var.access_log_bucket == "" ? false : true
-  access_logs_bucket   = var.access_log_bucket
-  access_logs_prefix   = var.access_log_prefix
+  access_logs_enable = var.access_log_bucket == "" ? false : true
+  access_logs_bucket = var.access_log_bucket
+  access_logs_prefix = var.access_log_prefix
 
   tags = {
     Name   = var.name,
     Module = "ALB"
   }
 }
-