diff --git a/custom/README.md b/custom/README.md
index 609dea7..14241a5 100644
--- a/custom/README.md
+++ b/custom/README.md
@@ -102,10 +102,10 @@ No modules.
 | <a name="input_enable_self"></a> [enable\_self](#input\_enable\_self) | Enable\|Disable self full access | `bool` | `false` | no |
 | <a name="input_ingress_networks"></a> [ingress\_networks](#input\_ingress\_networks) | List of ingress networks for access (with all pre-defined ingress ports) | `list(string)` | `[]` | no |
 | <a name="input_ingress_port_list"></a> [ingress\_port\_list](#input\_ingress\_port\_list) | Ingress port list of 5-tuple: from, to, proto, description, and cidr(list) | `list` | <pre>[<br>  []<br>]</pre> | no |
-| <a name="input_ingress_port_map"></a> [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) | <pre>list(object({<br>    from        = number<br>    to          = number<br>    proto       = any<br>    description = string<br>    cidr        = list(string)<br>  }))</pre> | <pre>[<br>  {}<br>]</pre> | no |
+| <a name="input_ingress_port_map"></a> [ingress\_port\_map](#input\_ingress\_port\_map) | Ingress port list of objects: from, to, proto, description and cidr(list) | <pre>list(object({<br>    from        = number<br>    to          = number<br>    proto       = any<br>    description = string<br>    cidr        = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_ingress_security_groups"></a> [ingress\_security\_groups](#input\_ingress\_security\_groups) | List of ingress security groups for all ports | `list(string)` | `[]` | no |
-| <a name="input_ingress_self_port_list"></a> [ingress\_self\_port\_list](#input\_ingress\_self\_port\_list) | Ingress port list of 4-tuple: from, to, proto, description | `list` | <pre>[<br>  [<br>    0,<br>    0,<br>    -1,<br>    "all"<br>  ]<br>]</pre> | no |
-| <a name="input_ingress_self_port_map"></a> [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description | <pre>list(object({<br>    from        = number<br>    to          = number<br>    proto       = any<br>    description = string<br>  }))</pre> | <pre>[<br>  {}<br>]</pre> | no |
+| <a name="input_ingress_self_port_list"></a> [ingress\_self\_port\_list](#input\_ingress\_self\_port\_list) | Ingress port list of 4-tuple: from, to, proto, description | `list` | <pre>[<br>  []<br>]</pre> | no |
+| <a name="input_ingress_self_port_map"></a> [ingress\_self\_port\_map](#input\_ingress\_self\_port\_map) | Ingress self access port list of objects: from, to, proto, description | <pre>list(object({<br>    from        = number<br>    to          = number<br>    proto       = any<br>    description = string<br>  }))</pre> | `[]` | no |
 | <a name="input_name"></a> [name](#input\_name) | Security Group Name (required) | `string` | n/a | yes |
 | <a name="input_short_description"></a> [short\_description](#input\_short\_description) | Security Group Short Description | `string` | `""` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Extra security group tags | `map` | `{}` | no |
diff --git a/custom/ports.tf b/custom/ports.tf
index 7a72c3f..7c53124 100644
--- a/custom/ports.tf
+++ b/custom/ports.tf
@@ -9,8 +9,9 @@ locals {
 
   p_fields = ["from", "to", "proto", "description", "cidr"]
   #  p_map    = length(var.ingress_port_list) > 0 ? [for p in local.ports : zipmap(local.p_fields, p)] : var.ingress_port_map
-  p_map    = length(var.ingress_port_list) > 0 ? [for p in flatten(compact(concat(local.ports, var.ingress_port_list))) : zipmap(local.p_fields, p)] : [for p in local.ports : zipmap(local.p_fields, p)]
-  port_map = { "external" = compact(concat(local.p_map, var.ingress_port_map)) }
+  port_source = length(var.ingress_port_list) > 0 ? var.ingress_port_list : local.ports
+  p_map       = [for p in local.port_source : zipmap(local.p_fields, p)]
+  port_map    = { "external" = compact(concat(local.p_map, var.ingress_port_map)) }
 
   p_self_fields  = ["from", "to", "proto", "description"]
   self_port_list = length(var.ingress_self_port_list) > 0 ? [for p in var.ingress_self_port_list : zipmap(local.p_self_fields, p)] : local._defaults["self_port_list"]