We can give all the variables and equal values in the source code tf files , but problem with that if you like to change the values , you have to modify everywhere in the main source code . It could be complex to implement in production env and it’s not easy to use.
So we can use variables in separate file , and refer those in the main source code .
Lets try to deploy security group with 3 input rules using variable in separate file .
here cidr_blocks values for each ingress rules not defined directly in the source code . Instead of that defined in variables.tf file. You can declare with any name for “onprem_ip”.
you can refer this in source code as “var.onprem_ip” . The advantage here is next time if you like to change the ip just update in varaibles.tf file onprem_ip default value to new desired value .
Now lets chane onprem_ip in variables.tf file and try
Now inbound rules source ip changed to 20.16.2.1/32.