diff --git a/input.tf b/input.tf
deleted file mode 100644
index fa5b363..0000000
--- a/input.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-variable name {}
-variable network {}
-variable protocol {}
-
-variable ports {
-  type = "list"
-}
-
-variable source_ranges {
-  type = "list"
-}
diff --git a/output.tf b/output.tf
deleted file mode 100644
index 2cfb3dc..0000000
--- a/output.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "self_link" {
-  value = "${google_compute_firewall.new-firewall.self_link}"
-}
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..2b332b6
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,4 @@
+output "self_link" {
+  description = "The URI of the created resource"
+  value       = "${google_compute_firewall.new-firewall.self_link}"
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..bc95185
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,21 @@
+variable name {
+  description = "A unique name for the resource, required by GCE"
+}
+
+variable network {
+  description = "The name of the network to attach this firewall to"
+}
+
+variable protocol {
+  description = "The name of the protocol to allow"
+}
+
+variable ports {
+  description = "List of ports and/or port ranges to allow. This can only be specified if the protocol is TCP or UDP"
+  type        = "list"
+}
+
+variable source_ranges {
+  description = "A list of source CIDR ranges that this firewall applies to. Can't be used for EGRESS"
+  type        = "list"
+}