diff --git a/rds-postgres/main.tf b/rds-postgres/main.tf
index e0da91d..b046a0e 100644
--- a/rds-postgres/main.tf
+++ b/rds-postgres/main.tf
@@ -70,7 +70,7 @@ resource "aws_security_group" "this_security_group" {
 
   # ingresss external port list (list + vpc if enabaled)
   dynamic "ingress" {
-    for_each = (var.ingress_networks != null && length(var.ingress_networks) > 0) ? local.port_map["external"] : toset([])
+    for_each = (var.ingress_networks != null && length(local.ingress_networks) > 0) ? local.port_map["external"] : toset([])
     iterator = p
     content {
       description = "${local.short_description}: ${p.value["description"]}"
@@ -125,6 +125,7 @@ resource "aws_security_group" "this_security_group" {
 
 
   # egress all
+  #    for_each = (var.egress_networks != null && length(local.egress_networks) > 0) ? local.port_map["external"] : toset([])
   egress {
     description = "${local.short_description}: All"
     from_port   = 0