diff --git a/README.md b/README.md
index 21ed8faa..c0ca981d 100644
--- a/README.md
+++ b/README.md
@@ -275,7 +275,7 @@ No modules.
 | <a name="input_subnet_id"></a> [subnet\_id](#input\_subnet\_id) | The VPC Subnet ID to launch in | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | `{}` | no |
 | <a name="input_tenancy"></a> [tenancy](#input\_tenancy) | The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host | `string` | `null` | no |
-| <a name="input_timeouts"></a> [timeouts](#input\_timeouts) | Define maximum timeout for creating, updating, and deleting EC2 instance resources | `map(string)` | `{}` | no |
+| <a name="input_timeouts"></a> [timeouts](#input\_timeouts) | Define maximum timeout for creating, updating, and deleting EC2 instance resources | <pre>object({<br/>    create = optional(string)<br/>    update = optional(string)<br/>    delete = optional(string)<br/>  })</pre> | `null` | no |
 | <a name="input_user_data"></a> [user\_data](#input\_user\_data) | The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user\_data\_base64 instead | `string` | `null` | no |
 | <a name="input_user_data_base64"></a> [user\_data\_base64](#input\_user\_data\_base64) | Can be used instead of user\_data to pass base64-encoded binary data directly. Use this instead of user\_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption | `string` | `null` | no |
 | <a name="input_user_data_replace_on_change"></a> [user\_data\_replace\_on\_change](#input\_user\_data\_replace\_on\_change) | When used in combination with user\_data or user\_data\_base64 will trigger a destroy and recreate when set to true. Defaults to false if not set | `bool` | `null` | no |
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 97e98fa5..0871b41b 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -21,18 +21,21 @@ Note that this example may create resources which can cost money. Run `terraform
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 6.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 6.0 |
+| <a name="provider_random"></a> [random](#provider\_random) | >= 3.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_ec2_complete"></a> [ec2\_complete](#module\_ec2\_complete) | ../../ | n/a |
+| <a name="module_ec2_computed_name"></a> [ec2\_computed\_name](#module\_ec2\_computed\_name) | ../../ | n/a |
 | <a name="module_ec2_disabled"></a> [ec2\_disabled](#module\_ec2\_disabled) | ../../ | n/a |
 | <a name="module_ec2_ignore_ami_changes"></a> [ec2\_ignore\_ami\_changes](#module\_ec2\_ignore\_ami\_changes) | ../../ | n/a |
 | <a name="module_ec2_metadata_options"></a> [ec2\_metadata\_options](#module\_ec2\_metadata\_options) | ../../ | n/a |
@@ -55,6 +58,7 @@ Note that this example may create resources which can cost money. Run `terraform
 | [aws_kms_key.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
 | [aws_network_interface.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/network_interface) | resource |
 | [aws_placement_group.web](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/placement_group) | resource |
+| [random_string.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
 | [aws_ami.amazon_linux](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
 | [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
 
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index d43bf633..f5de38c3 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -146,6 +146,22 @@ module "ec2_t3_unlimited" {
   tags = local.tags
 }
 
+# https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/issues/456
+module "ec2_computed_name" {
+  source = "../../"
+
+  name = join("-", [local.name, random_string.suffix.result])
+
+  ignore_ami_changes = true
+  ami                = data.aws_ami.amazon_linux.id
+
+  instance_type     = "t3.micro"
+  availability_zone = element(module.vpc.azs, 0)
+  subnet_id         = element(module.vpc.private_subnets, 0)
+
+  tags = local.tags
+}
+
 module "ec2_disabled" {
   source = "../../"
 
@@ -383,3 +399,10 @@ resource "aws_network_interface" "this" {
   subnet_id       = element(module.vpc.private_subnets, 0)
   security_groups = [module.security_group.security_group_id]
 }
+
+resource "random_string" "suffix" {
+  length  = 2
+  numeric = false
+  upper   = false
+  special = false
+}
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index db13b0a8..3fe2eafa 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -6,5 +6,9 @@ terraform {
       source  = "hashicorp/aws"
       version = ">= 6.0"
     }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.0"
+    }
   }
 }
diff --git a/main.tf b/main.tf
index 4eac769e..526ffd3d 100644
--- a/main.tf
+++ b/main.tf
@@ -219,10 +219,14 @@ resource "aws_instance" "this" {
   volume_tags                 = var.enable_volume_tags ? merge(var.tags, var.volume_tags, { "Name" = var.name }) : null
   vpc_security_group_ids      = var.network_interface == null ? local.vpc_security_group_ids : null
 
-  timeouts {
-    create = try(var.timeouts.create, null)
-    update = try(var.timeouts.update, null)
-    delete = try(var.timeouts.delete, null)
+  dynamic "timeouts" {
+    for_each = var.timeouts != null ? [var.timeouts] : []
+
+    content {
+      create = timeouts.value.create
+      update = timeouts.value.update
+      delete = timeouts.value.delete
+    }
   }
 }
 
@@ -409,10 +413,14 @@ resource "aws_instance" "ignore_ami" {
   volume_tags                 = var.enable_volume_tags ? merge(var.tags, var.volume_tags, { "Name" = var.name }) : null
   vpc_security_group_ids      = var.network_interface == null ? local.vpc_security_group_ids : null
 
-  timeouts {
-    create = try(var.timeouts.create, null)
-    update = try(var.timeouts.update, null)
-    delete = try(var.timeouts.delete, null)
+  dynamic "timeouts" {
+    for_each = var.timeouts != null ? [var.timeouts] : []
+
+    content {
+      create = timeouts.value.create
+      update = timeouts.value.update
+      delete = timeouts.value.delete
+    }
   }
 
   lifecycle {
@@ -596,9 +604,13 @@ resource "aws_spot_instance_request" "this" {
   volume_tags                 = var.enable_volume_tags ? merge(var.tags, var.volume_tags, { "Name" = var.name }) : null
   vpc_security_group_ids      = var.network_interface == null ? local.vpc_security_group_ids : null
 
-  timeouts {
-    create = try(var.timeouts.create, null)
-    delete = try(var.timeouts.delete, null)
+  dynamic "timeouts" {
+    for_each = var.timeouts != null ? [var.timeouts] : []
+
+    content {
+      create = timeouts.value.create
+      delete = timeouts.value.delete
+    }
   }
 
   lifecycle {
@@ -609,7 +621,7 @@ resource "aws_spot_instance_request" "this" {
 }
 
 resource "aws_ec2_tag" "spot_instance" {
-  for_each = { for k, v in local.instance_tags : k => v if local.create && var.create_spot_instance }
+  for_each = local.create && var.create_spot_instance ? local.instance_tags : {}
 
   resource_id = aws_spot_instance_request.this[0].spot_instance_id
   key         = each.key
diff --git a/variables.tf b/variables.tf
index 8df6532c..e5f9a877 100644
--- a/variables.tf
+++ b/variables.tf
@@ -360,8 +360,12 @@ variable "vpc_security_group_ids" {
 
 variable "timeouts" {
   description = "Define maximum timeout for creating, updating, and deleting EC2 instance resources"
-  type        = map(string)
-  default     = {}
+  type = object({
+    create = optional(string)
+    update = optional(string)
+    delete = optional(string)
+  })
+  default = null
 }
 
 ################################################################################
diff --git a/wrappers/main.tf b/wrappers/main.tf
index fe9fc307..18c1aa2f 100644
--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -92,7 +92,7 @@ module "wrapper" {
   subnet_id                           = try(each.value.subnet_id, var.defaults.subnet_id, null)
   tags                                = try(each.value.tags, var.defaults.tags, {})
   tenancy                             = try(each.value.tenancy, var.defaults.tenancy, null)
-  timeouts                            = try(each.value.timeouts, var.defaults.timeouts, {})
+  timeouts                            = try(each.value.timeouts, var.defaults.timeouts, null)
   user_data                           = try(each.value.user_data, var.defaults.user_data, null)
   user_data_base64                    = try(each.value.user_data_base64, var.defaults.user_data_base64, null)
   user_data_replace_on_change         = try(each.value.user_data_replace_on_change, var.defaults.user_data_replace_on_change, null)