diff --git a/policies/remco/remco.hcl b/policies/remco/remco.hcl
index 9fc7cf0..51eaac4 100644
--- a/policies/remco/remco.hcl
+++ b/policies/remco/remco.hcl
@@ -1,8 +1,8 @@
 # Allow listing secret parent-child connections (as in UI hierarchy). Subdir
 # underneath 'kv' secrets engine will remain hidden though, user has to
 # manually open up
-# ${VAULT_ADDR}/ui/vault/secrets/kv/list/for_{{identity.groups.ids.83754fb4-ee24-fa6a-52dd-50ef8f1d6665.name}}
-path "kv/metadata/for_{{identity.groups.ids.83754fb4-ee24-fa6a-52dd-50ef8f1d6665.name}}/*" {
+# ${VAULT_ADDR}/ui/vault/secrets/kv/list/for_{{identity.groups.ids.GROUPID.name}}
+path "kv/metadata/for_{{identity.groups.ids.GROUPID.name}}/*" {
   capabilities = ["list"]
 }
@@ -12,7 +12,7 @@ path "kv/metadata/for_rbacgroup_remco/*" {
 }
 # Grant read-only access to secrets
-path "kv/data/for_{{identity.groups.ids.83754fb4-ee24-fa6a-52dd-50ef8f1d6665.name}}/*" {
+path "kv/data/for_{{identity.groups.ids.GROUPID.name}}/*" {
   capabilities = ["read"]
 }
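Review bot: `GROUPID` in `{{identity.groups.ids.GROUPID.name}}` is a placeholder, not a Vault identity group ID, so if this file is written to Vault verbatim the templated `kv/metadata/for_…/*` rule here and the `kv/data/for_…/*` rule in the second hunk resolve to no group and grant nothing, silently; the policy only works if a deploy step substitutes the real group ID first. Nothing in the file says that such a step exists or which value it injects, so the next reader may apply the policy as-is and spend time debugging a permission-denied that is really a rendering failure. A short comment next to the first use would close that gap, e.g. `# GROUPID is replaced with the identity group's ID by the deploy tooling before 'vault policy write'; it is not a literal value`. It is also worth noting in that comment that, because the path is derived from the group's name, the grant follows group membership rather than the entity itself, which is presumably the intent given the neighbouring `for_rbacgroup_remco` rules.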