diff --git a/CHANGELOG.md b/CHANGELOG.md
index 994f43a..699e3e7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
+## v0.0.2
+
+- fix access policies
+
 ## v0.0.1
 ### Added
diff --git a/main.tf b/main.tf
index 111067e..9e93b44 100644
--- a/main.tf
+++ b/main.tf
@@ -24,13 +24,13 @@ resource "azurerm_key_vault" "kv" {
 content {
 tenant_id = var.tenant_id
- object_id = network_acls.value.object_id
- application_id = network_acls.value.application_id
+ object_id = access_policy.value.object_id
+ application_id = lookup(access_policy.value, "application_id", null)
- certificate_permissions = network_acls.value.certificate_permissions
- key_permissions = network_acls.value.key_permissions
- secret_permissions = network_acls.value.secret_permissions
- storage_permissions = network_acls.value.storage_permissions
+ certificate_permissions = lookup(access_policy.value, "certificate_permissions", null)
+ key_permissions = lookup(access_policy.value, "key_permissions", null)
+ secret_permissions = lookup(access_policy.value, "secret_permissions", null)
+ storage_permissions = lookup(access_policy.value, "storage_permissions", null)
 }
 }
diff --git a/variables.tf b/variables.tf
index 82b741b..aa334c9 100644
--- a/variables.tf
+++ b/variables.tf
@@ -25,14 +25,7 @@ variable "tenant_id" {
 }
 variable "access_policy" {
- type = list(object({
- object_id = string
- application_id = string
- certificate_permissions = list(string)
- key_permissions = list(string)
- secret_permissions = list(string)
- storage_permissions = list(string)
- }))
+ type = list(any)
 description = "(Optional) A list of up to 16 objects describing access policies."
 default = []
 }
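Review bot: The `lookup(access_policy.value, "...", null)` defaults on `application_id` and the four permission lines turn a misspelled key (for example `secret_permission`) into a silently omitted permission set instead of a plan error. That is hard to spot when reviewing who can reach vault secrets. A short comment above the `content` block would state the contract, e.g. `# keys absent from an entry are passed as null; only object_id is mandatory`. The `dynamic` header and its `for_each` are outside the hunk, so I am assuming the block iterator is named `access_policy`; the resource body also continues past the hunk.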
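Review bot: Loosening `access_policy` to `list(any)` removes the only plan-time check on what callers put into a Key Vault access policy, and the "up to 16" limit in the description is not enforced either. Together with the null defaults in main.tf, unknown or misspelled keys are now accepted without complaint. As far as I know `any` still requires every list element to resolve to one type, so entries that omit different keys may be rejected anyway; worth testing with a mixed list. A `validation` block keeps the flexibility while rejecting unknown keys and missing `object_id`. It needs a Terraform version that supports variable validation, which this page does not show.

```hcl
variable "access_policy" {
  # … unchanged: type, description, default …

  validation {
    condition = length(var.access_policy) <= 16 && alltrue([
      for p in var.access_policy :
      can(p.object_id) && length(setsubtract(keys(p), [
        "object_id", "application_id", "certificate_permissions",
        "key_permissions", "secret_permissions", "storage_permissions",
      ])) == 0
    ])
    error_message = "Each access policy needs an object_id, may only use the documented keys, and at most 16 policies are allowed."
  }
}
```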