If you try, Terraform willcomplainand fail. sg.tf. As of this writing, any change to any such element of a rule will cause . How to follow the signal when reading the schematic? That is why the rules_map input is available. A list of Security Group rule objects. Terraform currently provides a Security Group resource with ingress and egress rules defined in-line and a Security Group Rule resource which manages one or more ingress or egress rules. My use almost exactly the same as described by this StackOverflow answer security_group.tf source = "ter. It's stating that if you ran the template it would update the parameter for that security group. Simply map the values calculated in the local variable to each item. The for_each value must be a collection . However, the github repository path of this Terraform module includes a module that automatically creates tfvars by bringing information of Security Groups currently configured in AWS, and even creates script statements for importing into Terraform. //