diff --git a/main.tf b/main.tf
index 43ab96e..ba26fb3 100644
--- a/main.tf
+++ b/main.tf
@@ -10,7 +10,7 @@ resource "aws_security_group" "default" {
 }
 
 resource "aws_security_group_rule" "egress" {
-  count             = module.this.enabled && var.use_existing_security_groups == false ? 1 : 0
+  count             = module.this.enabled && var.use_existing_security_groups == false && length(var.egress_cidr_blocks) > 0 ? 1 : 0
   description       = "Allow outbound traffic from existing cidr blocks"
   from_port         = 0
   to_port           = 0