diff --git a/main.tf b/main.tf
index 7933d16..32134a0 100644
--- a/main.tf
+++ b/main.tf
@@ -278,6 +278,26 @@ resource "aws_codepipeline" "default" {
     }
   }
 
+  dynamic "stage" {
+	for_each = var.approve_sns_arn != "" && var.approve_sns_arn != "" ? ["true"] : []
+
+	content {
+		name = "Approval"
+		action {
+			name     = "Approval"
+			category = "Approval"
+			owner    = "AWS"
+			provider = "Manual"
+			version  = "1"
+
+			configuration = {
+				NotificationArn = "${var.approve_sns_arn}"
+				CustomData = "${var.approve_comment}"
+			}
+		}
+	}
+  }
+
   stage {
     name = "Build"
 
diff --git a/variables.tf b/variables.tf
index ab13297..2cf3892 100644
--- a/variables.tf
+++ b/variables.tf
@@ -191,3 +191,13 @@ variable "website_bucket_acl" {
   default     = "public-read"
   description = "Canned ACL of the S3 bucket objects that get served as a website, can be private if using CloudFront with OAI"
 }
+
+variable "approve_comment" {
+  type = string
+  default = "Approval needed for deployment"
+}
+
+variable "approve_sns_arn" {
+  type = string
+  default = ""
+}
\ No newline at end of file