diff --git a/policies/gcp-kv1.hcl b/policies/gcp-kv1.hcl
index 70463e0..acc6b34 100644
--- a/policies/gcp-kv1.hcl
+++ b/policies/gcp-kv1.hcl
@@ -1,3 +1,3 @@
 path "secret/{{identity.entity.metadata.project_id}}/*" {
-  capabilities = ["create", "read", "update", "delete", "list"]
+  capabilities = ["read", "list"]
 }