diff --git a/ise_device_admin.tf b/ise_device_admin.tf
index d55985a..3f5885d 100644
--- a/ise_device_admin.tf
+++ b/ise_device_admin.tf
@@ -160,14 +160,14 @@ data "ise_device_admin_condition" "device_admin_condition" { locals { device_admin_policy_sets = [ for ps in try(local.ise.device_administration.policy_sets, []) : { - condition_type = try(ps.condition.type, local.defaults.ise.device_administration.policy_sets.condition.type, null) - condition_is_negate = try(ps.condition.is_negate, local.defaults.ise.device_administration.policy_sets.condition.is_negate, null) - condition_attribute_name = try(ps.condition.attribute_name, local.defaults.ise.device_administration.policy_sets.condition.attribute_name, null) - condition_attribute_value = try(ps.condition.attribute_value, local.defaults.ise.device_administration.policy_sets.condition.attribute_value, null) - condition_dictionary_name = try(ps.condition.dictionary_name, local.defaults.ise.device_administration.policy_sets.condition.dictionary_name, null) - condition_dictionary_value = try(ps.condition.dictionary_value, local.defaults.ise.device_administration.policy_sets.condition.dictionary_value, null) + condition_type = ps.name == "Default" ? null : try(ps.condition.type, local.defaults.ise.device_administration.policy_sets.condition.type, null) + condition_is_negate = ps.name == "Default" ? null : try(ps.condition.is_negate, local.defaults.ise.device_administration.policy_sets.condition.is_negate, null) + condition_attribute_name = ps.name == "Default" ? null : try(ps.condition.attribute_name, local.defaults.ise.device_administration.policy_sets.condition.attribute_name, null) + condition_attribute_value = ps.name == "Default" ? null : try(ps.condition.attribute_value, local.defaults.ise.device_administration.policy_sets.condition.attribute_value, null) + condition_dictionary_name = ps.name == "Default" ? null : try(ps.condition.dictionary_name, local.defaults.ise.device_administration.policy_sets.condition.dictionary_name, null) + condition_dictionary_value = ps.name == "Default" ? 
null : try(ps.condition.dictionary_value, local.defaults.ise.device_administration.policy_sets.condition.dictionary_value, null) condition_id = contains(local.known_conditions_device_admin, try(ps.condition.name, "")) ? ise_device_admin_condition.device_admin_condition[ps.condition.name].id : try(data.ise_device_admin_condition.device_admin_condition[ps.condition.name].id, null) - condition_operator = try(ps.condition.operator, local.defaults.ise.device_administration.policy_sets.condition.operator, null) + condition_operator = ps.name == "Default" ? null : try(ps.condition.operator, local.defaults.ise.device_administration.policy_sets.condition.operator, null) description = try(ps.description, local.defaults.ise.device_administration.policy_sets.description, null) is_proxy = try(ps.is_proxy, local.defaults.ise.device_administration.policy_sets.is_proxy) name = ps.name 
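Review bot: `condition_id` is the one condition field in this object that is not wrapped in the new `ps.name == "Default" ? null : …` guard, so a Default policy set whose input still carries `condition.name` would resolve an id while `condition_type` and the other six fields are null. Whether the provider rejects or quietly accepts that combination is not visible here, but the object is easier to reason about if the guard covers it too: `condition_id = ps.name == "Default" ? null : (contains(local.known_conditions_device_admin, try(ps.condition.name, "")) ? … : …)`. The same gap is present in the authentication-rule and authorization-rule hunks of this file and in all three hunks of ise_network_access.tf. The `locals` block continues outside the hunk.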
@@ -671,14 +671,14 @@ locals { rank = try(rule.rank, local.defaults.ise.device_administration.policy_sets.authentication_rules.rank, null) default = rule.name == "Default" ? true : null state = try(rule.state, local.defaults.ise.device_administration.policy_sets.authentication_rules.state, null) - condition_type = try(rule.condition.type, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.type, null) + condition_type = rule.name == "Default" ? null : try(rule.condition.type, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.type, null) condition_id = contains(local.known_conditions_device_admin, try(rule.condition.name, "")) ? ise_device_admin_condition.device_admin_condition[rule.condition.name].id : try(data.ise_device_admin_condition.device_admin_condition[rule.condition.name].id, null) - condition_is_negate = try(rule.condition.is_negate, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.is_negate, null) - condition_attribute_name = try(rule.condition.attribute_name, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.attribute_name, null) - condition_attribute_value = try(rule.condition.attribute_value, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.attribute_value, null) - condition_dictionary_name = try(rule.condition.dictionary_name, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.dictionary_name, null) - condition_dictionary_value = try(rule.condition.dictionary_value, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.dictionary_value, null) - condition_operator = try(rule.condition.operator, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.operator, null) + condition_is_negate = rule.name == "Default" ? 
null : try(rule.condition.is_negate, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.is_negate, null) + condition_attribute_name = rule.name == "Default" ? null : try(rule.condition.attribute_name, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.attribute_name, null) + condition_attribute_value = rule.name == "Default" ? null : try(rule.condition.attribute_value, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.attribute_value, null) + condition_dictionary_name = rule.name == "Default" ? null : try(rule.condition.dictionary_name, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.dictionary_name, null) + condition_dictionary_value = rule.name == "Default" ? null : try(rule.condition.dictionary_value, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.dictionary_value, null) + condition_operator = rule.name == "Default" ? null : try(rule.condition.operator, local.defaults.ise.device_administration.policy_sets.authentication_rules.condition.operator, null) identity_source_name = try(rule.identity_source_name, local.defaults.ise.device_administration.policy_sets.authentication_rules.identity_source_name, null) if_auth_fail = try(rule.if_auth_fail, local.defaults.ise.device_administration.policy_sets.authentication_rules.if_auth_fail, null) if_process_fail = try(rule.if_process_fail, local.defaults.ise.device_administration.policy_sets.authentication_rules.if_process_fail, null) 
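Review bot: A condition written on a rule named "Default" is now dropped without any diagnostic, so the input data and the deployed authentication policy can disagree and the plan will not say why. For access-policy code that is worth surfacing: either fail the plan when `rule.name == "Default"` and `rule.condition` is set (for instance a `precondition` on the resource that consumes this local, which is outside the hunk), or at least document it above the first guarded line with `# Default rule is the catch-all: any condition in the input is ignored`. The match is an exact, case-sensitive comparison, so a rule named `default` keeps its condition; that is presumably intended but belongs in the same comment. This applies equally to the other five hunks.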
@@ -1210,14 +1210,14 @@ locals { rank = try(rule.rank, local.defaults.ise.device_administration.policy_sets.authorization_rules.rank, null) default = rule.name == "Default" ? true : null state = try(rule.state, local.defaults.ise.device_administration.policy_sets.authorization_rules.state, null) - condition_type = try(rule.condition.type, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.type, null) + condition_type = rule.name == "Default" ? null : try(rule.condition.type, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.type, null) condition_id = contains(local.known_conditions_device_admin, try(rule.condition.name, "")) ? ise_device_admin_condition.device_admin_condition[rule.condition.name].id : try(data.ise_device_admin_condition.device_admin_condition[rule.condition.name].id, null) - condition_is_negate = try(rule.condition.is_negate, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.is_negate, null) - condition_attribute_name = try(rule.condition.attribute_name, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.attribute_name, null) - condition_attribute_value = try(rule.condition.attribute_value, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.attribute_value, null) - condition_dictionary_name = try(rule.condition.dictionary_name, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.dictionary_name, null) - condition_dictionary_value = try(rule.condition.dictionary_value, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.dictionary_value, null) - condition_operator = try(rule.condition.operator, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.operator, null) + condition_is_negate = rule.name == "Default" ? 
null : try(rule.condition.is_negate, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.is_negate, null) + condition_attribute_name = rule.name == "Default" ? null : try(rule.condition.attribute_name, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.attribute_name, null) + condition_attribute_value = rule.name == "Default" ? null : try(rule.condition.attribute_value, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.attribute_value, null) + condition_dictionary_name = rule.name == "Default" ? null : try(rule.condition.dictionary_name, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.dictionary_name, null) + condition_dictionary_value = rule.name == "Default" ? null : try(rule.condition.dictionary_value, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.dictionary_value, null) + condition_operator = rule.name == "Default" ? null : try(rule.condition.operator, local.defaults.ise.device_administration.policy_sets.authorization_rules.condition.operator, null) profile = try(rule.profile, local.defaults.ise.device_administration.policy_sets.authorization_rules.profile, null) command_sets = try(rule.command_sets, local.defaults.ise.device_administration.policy_sets.authorization_rules.command_sets, null) children = try([for i in rule.condition.children : { diff --git a/ise_network_access.tf b/ise_network_access.tf index cf779e2..fa4f98e 100644 --- a/ise_network_access.tf +++ b/ise_network_access.tf 
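Review bot: `children` at the end of this hunk still iterates `rule.condition.children` for every rule, including "Default", while the seven sibling `condition_*` fields are now forced to null. If a Default authorization rule carries a compound condition in the input, the child list would presumably still be built and passed on alongside a null `condition_type`; the rest of the `children` expression is outside the hunk, so how it is consumed cannot be confirmed from here. Consider opening it with the same guard, `children = rule.name == "Default" ? null : try([for i in rule.condition.children : { …`, and doing the same in the authorization-rule hunk of ise_network_access.tf.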
@@ -273,14 +273,14 @@ data "ise_network_access_condition" "network_access_condition" { locals { network_access_policy_sets = [ for ps in try(local.ise.network_access.policy_sets, []) : { - condition_type = try(ps.condition.type, local.defaults.ise.network_access.policy_sets.condition.type, null) - condition_is_negate = try(ps.condition.is_negate, local.defaults.ise.network_access.policy_sets.condition.is_negate, null) - condition_attribute_name = try(ps.condition.attribute_name, local.defaults.ise.network_access.policy_sets.condition.attribute_name, null) - condition_attribute_value = try(ps.condition.attribute_value, local.defaults.ise.network_access.policy_sets.condition.attribute_value, null) - condition_dictionary_name = try(ps.condition.dictionary_name, local.defaults.ise.network_access.policy_sets.condition.dictionary_name, null) - condition_dictionary_value = try(ps.condition.dictionary_value, local.defaults.ise.network_access.policy_sets.condition.dictionary_value, null) + condition_type = ps.name == "Default" ? null : try(ps.condition.type, local.defaults.ise.network_access.policy_sets.condition.type, null) + condition_is_negate = ps.name == "Default" ? null : try(ps.condition.is_negate, local.defaults.ise.network_access.policy_sets.condition.is_negate, null) + condition_attribute_name = ps.name == "Default" ? null : try(ps.condition.attribute_name, local.defaults.ise.network_access.policy_sets.condition.attribute_name, null) + condition_attribute_value = ps.name == "Default" ? null : try(ps.condition.attribute_value, local.defaults.ise.network_access.policy_sets.condition.attribute_value, null) + condition_dictionary_name = ps.name == "Default" ? null : try(ps.condition.dictionary_name, local.defaults.ise.network_access.policy_sets.condition.dictionary_name, null) + condition_dictionary_value = ps.name == "Default" ? 
null : try(ps.condition.dictionary_value, local.defaults.ise.network_access.policy_sets.condition.dictionary_value, null) condition_id = contains(local.known_conditions_network_access, try(ps.condition.name, "")) ? ise_network_access_condition.network_access_condition[ps.condition.name].id : try(data.ise_network_access_condition.network_access_condition[ps.condition.name].id, null) - condition_operator = try(ps.condition.operator, local.defaults.ise.network_access.policy_sets.condition.operator, null) + condition_operator = ps.name == "Default" ? null : try(ps.condition.operator, local.defaults.ise.network_access.policy_sets.condition.operator, null) description = try(ps.description, local.defaults.ise.network_access.policy_sets.description, null) is_proxy = try(ps.is_proxy, local.defaults.ise.network_access.policy_sets.is_proxy) name = ps.name 
@@ -785,14 +785,14 @@ locals { rank = try(rule.rank, local.defaults.ise.network_access.policy_sets.authentication_rules.rank, null) default = rule.name == "Default" ? true : null state = try(rule.state, local.defaults.ise.network_access.policy_sets.authentication_rules.state, null) - condition_type = try(rule.condition.type, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.type, null) + condition_type = rule.name == "Default" ? null : try(rule.condition.type, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.type, null) condition_id = contains(local.known_conditions_network_access, try(rule.condition.name, "")) ? ise_network_access_condition.network_access_condition[rule.condition.name].id : try(data.ise_network_access_condition.network_access_condition[rule.condition.name].id, null) - condition_is_negate = try(rule.condition.is_negate, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.is_negate, null) - condition_attribute_name = try(rule.condition.attribute_name, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.attribute_name, null) - condition_attribute_value = try(rule.condition.attribute_value, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.attribute_value, null) - condition_dictionary_name = try(rule.condition.dictionary_name, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.dictionary_name, null) - condition_dictionary_value = try(rule.condition.dictionary_value, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.dictionary_value, null) - condition_operator = try(rule.condition.operator, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.operator, null) + condition_is_negate = rule.name == "Default" ? 
null : try(rule.condition.is_negate, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.is_negate, null) + condition_attribute_name = rule.name == "Default" ? null : try(rule.condition.attribute_name, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.attribute_name, null) + condition_attribute_value = rule.name == "Default" ? null : try(rule.condition.attribute_value, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.attribute_value, null) + condition_dictionary_name = rule.name == "Default" ? null : try(rule.condition.dictionary_name, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.dictionary_name, null) + condition_dictionary_value = rule.name == "Default" ? null : try(rule.condition.dictionary_value, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.dictionary_value, null) + condition_operator = rule.name == "Default" ? null : try(rule.condition.operator, local.defaults.ise.network_access.policy_sets.authentication_rules.condition.operator, null) identity_source_name = try(rule.identity_source_name, local.defaults.ise.network_access.policy_sets.authentication_rules.identity_source_name, null) if_auth_fail = try(rule.if_auth_fail, local.defaults.ise.network_access.policy_sets.authentication_rules.if_auth_fail, null) if_process_fail = try(rule.if_process_fail, local.defaults.ise.network_access.policy_sets.authentication_rules.if_process_fail, null) 
@@ -1312,14 +1312,14 @@ locals { rank = try(rule.rank, local.defaults.ise.network_access.policy_sets.authorization_rules.rank, null) default = rule.name == "Default" ? true : null state = try(rule.state, local.defaults.ise.network_access.policy_sets.authorization_rules.state, null) - condition_type = try(rule.condition.type, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.type, null) + condition_type = rule.name == "Default" ? null : try(rule.condition.type, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.type, null) condition_id = contains(local.known_conditions_network_access, try(rule.condition.name, "")) ? ise_network_access_condition.network_access_condition[rule.condition.name].id : try(data.ise_network_access_condition.network_access_condition[rule.condition.name].id, null) - condition_is_negate = try(rule.condition.is_negate, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.is_negate, null) - condition_attribute_name = try(rule.condition.attribute_name, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.attribute_name, null) - condition_attribute_value = try(rule.condition.attribute_value, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.attribute_value, null) - condition_dictionary_name = try(rule.condition.dictionary_name, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.dictionary_name, null) - condition_dictionary_value = try(rule.condition.dictionary_value, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.dictionary_value, null) - condition_operator = try(rule.condition.operator, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.operator, null) + condition_is_negate = rule.name == "Default" ? 
null : try(rule.condition.is_negate, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.is_negate, null) + condition_attribute_name = rule.name == "Default" ? null : try(rule.condition.attribute_name, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.attribute_name, null) + condition_attribute_value = rule.name == "Default" ? null : try(rule.condition.attribute_value, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.attribute_value, null) + condition_dictionary_name = rule.name == "Default" ? null : try(rule.condition.dictionary_name, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.dictionary_name, null) + condition_dictionary_value = rule.name == "Default" ? null : try(rule.condition.dictionary_value, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.dictionary_value, null) + condition_operator = rule.name == "Default" ? null : try(rule.condition.operator, local.defaults.ise.network_access.policy_sets.authorization_rules.condition.operator, null) profiles = try(rule.profiles, local.defaults.ise.network_access.policy_sets.authorization_rules.profiles, null) security_group = try(rule.security_group, local.defaults.ise.network_access.policy_sets.authorization_rules.security_group, null) children = try([for i in rule.condition.children : {