diff --git a/src/AzureIoTHub.Portal.Infrastructure/Services/AwsExternalDeviceService.cs b/src/AzureIoTHub.Portal.Infrastructure/Services/AwsExternalDeviceService.cs
index 0a2b56ee6..714a05361 100644
--- a/src/AzureIoTHub.Portal.Infrastructure/Services/AwsExternalDeviceService.cs
+++ b/src/AzureIoTHub.Portal.Infrastructure/Services/AwsExternalDeviceService.cs
@@ -450,17 +450,15 @@ public async Task RemoveDeviceCredentials(IoTEdgeDevice device)
 private async Task RemoveGreengrassCertificateFromPrincipal(IoTEdgeDevice device, string principalId)
 {
- _ = await this.amazonIoTClient.DetachPolicyAsync(new DetachPolicyRequest
+ foreach (var item in this.configHandler.AWSGreengrassRequiredRoles)
 {
- Target = principalId,
- PolicyName = "GreengrassV2IoTThingPolicy"
- });
+ _ = await this.amazonIoTClient.AttachPolicyAsync(new AttachPolicyRequest
+ {
+ PolicyName = item,
+ Target = principalId
+ });
+ }
- _ = await this.amazonIoTClient.DetachPolicyAsync(new DetachPolicyRequest
- {
- Target = principalId,
- PolicyName = "GreengrassCoreTokenExchangeRoleAliasPolicy"
- });
 _ = await this.amazonIoTClient.DetachThingPrincipalAsync(device.DeviceName, principalId);
 _ = await this.amazonSecretsManager.DeleteSecretAsync(new DeleteSecretRequest
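Review bot: The new loop in RemoveGreengrassCertificateFromPrincipal calls `AttachPolicyAsync` with an `AttachPolicyRequest`, so this removal path attaches every configured policy to the certificate principal, where the removed code called `DetachPolicyAsync`. The certificate would keep its IoT policies after the device's credentials are removed, and any later certificate deletion (not visible in this hunk) would presumably be rejected while policies are still attached. The loop body should be `_ = await this.amazonIoTClient.DetachPolicyAsync(new DetachPolicyRequest { PolicyName = item, Target = principalId });`. The values of `AWSGreengrassRequiredRoles` are used here as IoT policy names, not roles, so a short comment saying so (or a rename of the setting) would help the next reader. The method body continues past the end of the hunk.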