diff --git a/terraform/iam/users/variables.tf b/terraform/iam/users/variables.tf
index ada19f3..a5efc21 100644
--- a/terraform/iam/users/variables.tf
+++ b/terraform/iam/users/variables.tf
@@ -16,8 +16,9 @@ variable "iam_users" {
 dsk-devops = {
 policies = [
 "arn:aws:iam::508259851457:policy/DSK_LambdaExecute",
- "arn:aws:iam::aws:policy/AmazonS3FullAccess",
+ "arn:aws:iam::508259851457:policy/DSK_KeyManagementService",
 "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess",
+ "arn:aws:iam::aws:policy/AmazonS3FullAccess",
 "arn:aws:iam::aws:policy/SecurityAudit",
 "arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess",
 "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess"
@@ -39,31 +40,4 @@ variable "iam_users" {
 ]
 }
 }
-}
-
-# variable "iam_users" {
-# type = map(object({
-# policies = list(string)
-# }))
-# default = {
-# dsk-devops = {
-# policies = [
-# "arn:aws:iam::aws:policy/AmazonS3FullAccess",
-# "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
-# ]
-# },
-# dsk-developer = {
-# policies = ["arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"]
-# },
-# dsk-readonly = {
-# policies = [
-# "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
-# ]
-# },
-# dsk-s3-uploader = {
-# policies = [
-# "arn:aws:iam::aws:policy/AmazonS3FullAccess"
-# ]
-# }
-# }
-# }
\ No newline at end of file
+}
\ No newline at end of file
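Review bot: In the first hunk's `dsk-devops` policy list, the new `DSK_KeyManagementService` attachment lands next to `AmazonS3FullAccess`, which is only moved, not removed. That leaves the user with KMS permissions on top of `s3:*` across every bucket in the account. The statements of the customer-managed KMS policy are not visible in this diff, so confirm it names specific key ARNs and only the actions this user needs, not `kms:*` on `*`. Consider swapping the AWS-managed S3 policy for a customer-managed one limited to the buckets in use, and add a comment above the new entry such as `# KMS: scoped to <key alias>; needed for <workload>`. The `iam_users` variable block starts and ends outside this hunk.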