diff --git a/modules/services/cloud-connector-ecs/permissions.tf b/modules/services/cloud-connector-ecs/permissions.tf
index bc76a20a..c9d262e5 100644
--- a/modules/services/cloud-connector-ecs/permissions.tf
+++ b/modules/services/cloud-connector-ecs/permissions.tf
@@ -135,14 +135,14 @@ data "aws_iam_policy_document" "task_definition_reader" {
 
 # image scanning - ecr
 resource "aws_iam_role_policy" "ecr_reader" {
-  count  = local.deploy_image_scanning_with_codebuild ? 1 : 0
+  count  = local.deploy_image_scanning ? 1 : 0
   name   = "ECRReader"
   role   = local.ecs_task_role_id
   policy = data.aws_iam_policy_document.ecr_reader[0].json
 }
 
 data "aws_iam_policy_document" "ecr_reader" {
-  count = local.deploy_image_scanning_with_codebuild ? 1 : 0
+  count = local.deploy_image_scanning ? 1 : 0
   statement {
     effect = "Allow"
     actions = [