I want to create multiple aws security group rules by reading multiple yaml files located under a different directory using terraform but I am not sure how exactly can I achieve it.

Below is the folder structure:

-> env
    |
    -> prod
        |
        -> external
            |
            -> IXCC
                |
                -> values.yaml
            |
            -> IXCB
                |
                -> values.yaml

my aws_security_group_rules.tf file look like below:

module "security_group_rules" {
    source                  = "../kem-infra-modules/iam-security-group-rules"
    for_each                = fileset("${path.module}/env/prod/external/*/", "values.yaml")

    # Assuming you have output variables from your security_group module
    security_group_id       = module.security_group.security_group_id

    # Use the contents of the YAML file to populate the security group rules
    from_port               = yamldecode(file("${path.module}/env/prod/external/${dirname(each.value)}/values.yaml"))["fromPort"]
    description             = yamldecode(file("${path.module}/env/prod/external/${dirname(each.value)}/values.yaml"))["definition"]
    protocol                = upper(yamldecode(file("${path.module}/env/prod/external/${dirname(each.value)}/values.yaml"))["protocol"])
    to_port                 = yamldecode(file("${path.module}/env/prod/external/${dirname(each.value)}/values.yaml"))["toPort"]
    type                    = yamldecode(file("${path.module}/env/prod/external/${dirname(each.value)}/values.yaml"))["type"]
    cidr_blocks             = yamldecode(file("${path.module}/env/prod/external/${dirname(each.value)}/values.yaml"))["sourceIpCidrs"]

}

My values.yaml files under each folder looks like below:

IXCB - values.yaml:

fromPort: 443
definition: testing
protocol: tcp
toPort: 443
type: ingress
sourceIpCidrs: ["xx.xx.xx.xx/32", "xx.xx.xx.xx/32", "xx.xx.xx.xx/32"]

IXCC - values.yaml:

fromPort: 443
definition: testing
protocol: tcp
toPort: 443
type: ingress
sourceIpCidrs: ["xx.xx.xx.xx/32", "xx.xx.xx.xx/32", "xx.xx.xx.xx/32"]

I am expecting two security group rules to be created but the plan stage shows 0 to add,0 to change & 0 to delete.

I also tried using locals but that too didnt work:

locals.tf:
locals {
  security_group_rules = flatten([
    for dir in fileset("${path.module}/env/prod/external", "*") : [
      for mapping in yamldecode(file("${path.module}/env/prod/external/${dir}/values.yaml"))["principalMappings"] : {
        customer_name = dir
        from_port     = mapping.fromPort
        description   = mapping.definition
        protocol      = upper(mapping.protocol)
        to_port       = mapping.toPort
        type          = mapping.type
        cidr_blocks   = mapping.sourceIpCidrs
      }
    ]
  ])
}

tried calling this locals into the aws security group rules. it still failed.