diff --git a/vpn-transit-gateway/vpn-config.tf b/vpn-transit-gateway/vpn-config.tf
index ef495a5..c1b7ac2 100644
--- a/vpn-transit-gateway/vpn-config.tf
+++ b/vpn-transit-gateway/vpn-config.tf
@@ -1,6 +1,6 @@
 locals {
-  single_vpn_tunnel_loopback   = one(flatten([for k, v in local.vpn_settings : v.tunnel_loopback]))
-  single_vpn_tunnel_ip_address = one(flatten([for k, v in local.vpn_settings : v.ip_address]))
+  single_vpn_tunnel_loopback   = [for k, v in local.vpn_settings : v.tunnel_loopback]
+  single_vpn_tunnel_ip_address = [for k, v in local.vpn_settings : v.ip_address]
   vpn_tunnel_outputs = { for k, v in local.vpn_settings : k => {
     vpn_name          = k
     site              = v.site
@@ -28,7 +28,7 @@ locals {
     tunnel1_vgw_inside_address = aws_vpn_connection.vpn[k].tunnel1_vgw_inside_address
     tunnel1_interface_number   = length(v.tunnel_interfaces) == 2 ? v.tunnel_interfaces[0] : ""
     tunnel1_track_number       = length(v.tunnel_track) == 2 ? v.tunnel_track[0] : ""
-    tunnel1_loopback           = v.tunnel_loopback != null ? (var.use_single_cgw ? local.single_vpn_tunnel_loopback : v.tunnel_loopback) : ""
+    tunnel1_loopback           = v.tunnel_loopback != null ? (var.use_single_cgw ? one(local.single_vpn_tunnel_loopback) : v.tunnel_loopback) : ""
 
     tunnel2_label              = format("%v %v %v %v %v", aws_vpn_connection.vpn[k].tunnel2_inside_cidr, local.account_id, local.region_short, var.vpc_short_name, v.label)
     tunnel2_bgp_asn            = aws_vpn_connection.vpn[k].tunnel2_bgp_asn
@@ -38,7 +38,7 @@ locals {
     tunnel2_vgw_inside_address = aws_vpn_connection.vpn[k].tunnel2_vgw_inside_address
     tunnel2_interface_number   = length(v.tunnel_interfaces) == 2 ? v.tunnel_interfaces[1] : ""
     tunnel2_track_number       = length(v.tunnel_track) == 2 ? v.tunnel_track[1] : ""
-    tunnel2_loopback           = v.tunnel_loopback != null ? (var.use_single_cgw ? local.single_vpn_tunnel_loopback : v.tunnel_loopback) : ""
+    tunnel2_loopback           = v.tunnel_loopback != null ? (var.use_single_cgw ? one(local.single_vpn_tunnel_loopback) : v.tunnel_loopback) : ""
     }
   }
   vpn_tunnel_secrets = { for k, v in local.vpn_settings : k => {
@@ -53,8 +53,8 @@ locals {
   vpn_site_common_settings = ["account_alias", "account_id", "region", "region_short", "vpc_cidr_block", "vpc_name", "vpc_short_name", "vpn_environment"]
   single_cgw_settings = {
     single_cgw       = var.use_single_cgw ? true : false
-    customer_address = var.use_single_cgw ? local.single_vpn_tunnel_ip_address : ""
-    loopback         = var.use_single_cgw ? local.single_vpn_tunnel_loopback : ""
+    customer_address = var.use_single_cgw ? one(local.single_vpn_tunnel_ip_address) : ""
+    loopback         = var.use_single_cgw ? one(local.single_vpn_tunnel_loopback) : ""
   }
 }