diff --git a/locals.tf b/locals.tf
index 7e238a7..6d138fa 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,10 +1,7 @@
 locals {
   "bucket_arn"               = "arn:aws:s3:::${var.bucket_name}"
   "object_arn"               = "arn:aws:s3:::${var.bucket_name}/${var.prefix}*"
-  policy                     = "${var.write_access ? "${var.delete_access ?
-                                    data.aws_iam_policy_document.user_policy_read_write_delete.json :
-                                    data.aws_iam_policy_document.user_policy_read_write.json
-                                  }" :
-                                  data.aws_iam_policy_document.user_policy_read.json
-                                }"
+  write_access               = "${var.write_access ? "_write" : ""}"
+  delete_access              = "${var.delete_access ? "_delete" : ""}"
+  policy                    = "${data.aws_iam_policy_document.user_policy_read${local.write_access}${local.delete_access}.json}"
 }