diff --git a/test/check-no-new-access/cfn/iam_users_groups_policies.yaml b/test/check-no-new-access/cfn/iam_users_groups_policies.yaml
index 004dc47..3749099 100644
--- a/test/check-no-new-access/cfn/iam_users_groups_policies.yaml
+++ b/test/check-no-new-access/cfn/iam_users_groups_policies.yaml
@@ -81,7 +81,7 @@ Resources:
             Resource: "arn:aws:sqs:us-east-2:444455556666:queue2"
             Principal:  
               AWS: 
-                - "*" #111122223333
+                - "111122223333" #111122223333
 Outputs:
   AccessKey:
     Value: !Ref 'CFNKeys'
diff --git a/test/check-no-new-access/cfn/reference-policy.json b/test/check-no-new-access/cfn/reference-policy.json
index f092e88..0cc3566 100644
--- a/test/check-no-new-access/cfn/reference-policy.json
+++ b/test/check-no-new-access/cfn/reference-policy.json
@@ -5,7 +5,6 @@
             "Effect": "Allow",
             "Resource": "*",
             "NotAction": [
-                "cloudformation:*",
                 "securityhub:DisableSecurityHub"
             ]
         }