diff --git a/examples/complete/main.tf b/examples/complete/main.tf index a040d750f2..c16704b499 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -84,6 +84,15 @@ module "eks" { type = "ingress" source_node_security_group = true } + # Test: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2319 + ingress_source_security_group_id = { + description = "Ingress from another computed security group" + protocol = "tcp" + from_port = 22 + to_port = 22 + type = "ingress" + source_security_group_id = aws_security_group.additional.id + } } # Extend node-to-node security group rules @@ -96,6 +105,15 @@ module "eks" { type = "ingress" self = true } + # Test: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/2319 + ingress_source_security_group_id = { + description = "Ingress from another computed security group" + protocol = "tcp" + from_port = 22 + to_port = 22 + type = "ingress" + source_security_group_id = aws_security_group.additional.id + } } # Self Managed Node Group(s) diff --git a/main.tf b/main.tf index 9193031348..ae5a0366e5 100644 --- a/main.tf +++ b/main.tf 
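Review bot: The `ingress_source_security_group_id` rule added to the cluster security group rules opens TCP 22 from `aws_security_group.additional`, and the second hunk repeats it for the node security group rules; only the PR link hints that it is a test fixture. Examples get copied into real configurations, so I would put a comment above both rules such as `# Example only: exercises a computed source_security_group_id; port 22 is arbitrary, narrow or drop it before reuse`. What `aws_security_group.additional` itself admits is not visible in these hunks, so its ingress should be checked to confirm SSH reachability does not extend further than intended. Both rules sit inside maps whose opening lines are outside the hunks.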
@@ -191,13 +191,12 @@ resource "aws_security_group_rule" "cluster" { type = each.value.type # Optional - description = lookup(each.value, "description", null) - cidr_blocks = lookup(each.value, "cidr_blocks", null) - ipv6_cidr_blocks = lookup(each.value, "ipv6_cidr_blocks", null) - prefix_list_ids = lookup(each.value, "prefix_list_ids", []) - self = lookup(each.value, "self", null) - source_security_group_id = lookup(each.value, "source_security_group_id", - lookup(each.value, "source_node_security_group", false)) ? local.node_security_group_id : null + description = lookup(each.value, "description", null) + cidr_blocks = lookup(each.value, "cidr_blocks", null) + ipv6_cidr_blocks = lookup(each.value, "ipv6_cidr_blocks", null) + prefix_list_ids = lookup(each.value, "prefix_list_ids", null) + self = lookup(each.value, "self", null) + source_security_group_id = try(each.value.source_node_security_group, false) ? local.node_security_group_id : lookup(each.value, "source_security_group_id", null) } ################################################################################ diff --git a/node_groups.tf b/node_groups.tf index 36f071610c..07ec3ecda7 100644 --- a/node_groups.tf +++ b/node_groups.tf 
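Review bot: The new `source_security_group_id` expression silently discards a caller-supplied `source_security_group_id` whenever `source_node_security_group` is true. A rule that sets both therefore admits traffic from the node security group rather than the group the caller named. I would state the precedence next to the expression, e.g. `# source_node_security_group = true takes precedence over source_security_group_id`, or reject the combination where the rules variable is declared, which is not visible here. The same applies to `source_cluster_security_group` in the node rule in node_groups.tf. The resource block begins before this hunk.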
@@ -180,13 +180,12 @@ resource "aws_security_group_rule" "node" { type = each.value.type # Optional - description = lookup(each.value, "description", null) - cidr_blocks = lookup(each.value, "cidr_blocks", null) - ipv6_cidr_blocks = lookup(each.value, "ipv6_cidr_blocks", null) - prefix_list_ids = lookup(each.value, "prefix_list_ids", []) - self = lookup(each.value, "self", null) - source_security_group_id = lookup(each.value, "source_security_group_id", - lookup(each.value, "source_cluster_security_group", false)) ? local.cluster_security_group_id : null + description = lookup(each.value, "description", null) + cidr_blocks = lookup(each.value, "cidr_blocks", null) + ipv6_cidr_blocks = lookup(each.value, "ipv6_cidr_blocks", null) + prefix_list_ids = lookup(each.value, "prefix_list_ids", []) + self = lookup(each.value, "self", null) + source_security_group_id = try(each.value.source_cluster_security_group, false) ? local.cluster_security_group_id : lookup(each.value, "source_security_group_id", null) } ################################################################################
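Review bot: `prefix_list_ids` still falls back to `[]` in this node rule, while the matching line in the cluster rule in main.tf was changed to fall back to `null` in the same commit. Whether the provider treats an empty list and null identically is not something these hunks show, so the two resources may now plan differently for rules that omit the key. Unless the difference is deliberate, I would align this line as `prefix_list_ids = lookup(each.value, "prefix_list_ids", null)`. If it is deliberate, a one-line comment giving the reason would help. The resource block begins before this hunk.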