diff --git a/modules/vpc-sc/variables.tf b/modules/vpc-sc/variables.tf
index 3b0bfa6d2e..e852ed1c42 100644
--- a/modules/vpc-sc/variables.tf
+++ b/modules/vpc-sc/variables.tf
@@ -90,10 +90,10 @@ variable "egress_policies" {
   validation {
     condition = alltrue([
       for k, v in var.egress_policies :
-      v.from.identity_type == null || contains([
+      v.from.identity_type == null ? true : contains([
         "IDENTITY_TYPE_UNSPECIFIED", "ANY_IDENTITY",
         "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT", ""
-      ], coalesce(v.from.identity_type, "-"))
+      ], v.from.identity_type)
     ])
     error_message = "Invalid `from.identity_type` value in egress policy."
   }
@@ -158,10 +158,10 @@ variable "ingress_policies" {
   validation {
     condition = alltrue([
       for k, v in var.ingress_policies :
-      v.from.identity_type == null || contains([
+      v.from.identity_type == null ? true : contains([
         "IDENTITY_TYPE_UNSPECIFIED", "ANY_IDENTITY",
         "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT", ""
-      ], coalesce(v.from.identity_type, "-"))
+      ], v.from.identity_type)
     ])
     error_message = "Invalid `from.identity_type` value in ingress policy."
   }