diff --git a/rds-postgres/data.prefix_lists.tf b/rds-postgres/data.prefix_lists.tf
new file mode 100644
index 0000000..23af189
--- /dev/null
+++ b/rds-postgres/data.prefix_lists.tf
@@ -0,0 +1,15 @@
+data "aws_ec2_managed_prefix_list" "ingress" {
+  for_each = toset(var.ingress_prefix_list_names)
+  filter {
+    name   = "prefix-list-name"
+    values = [each.key]
+  }
+}
+
+data "aws_ec2_managed_prefix_list" "egress" {
+  for_each = toset(var.egress_prefix_list_names)
+  filter {
+    name   = "prefix-list-name"
+    values = [each.key]
+  }
+}
diff --git a/rds-postgres/main.tf b/rds-postgres/main.tf
index d6e831f..bfee84d 100644
--- a/rds-postgres/main.tf
+++ b/rds-postgres/main.tf
@@ -67,7 +67,7 @@ resource "aws_security_group" "this_security_group" {
 
 
   # ingress with prefix lists
-  ingress {
+  dynamic "ingress" {
     for_each = length(var.ingress_prefix_list_names) > 0 ? local.port_map["external"] : {}
     iterator = p
     content {