diff --git a/modules/vm_workload_scanning.cft.yaml b/modules/vm_workload_scanning.cft.yaml index cc4a49d..53e57e2 100644 --- a/modules/vm_workload_scanning.cft.yaml +++ b/modules/vm_workload_scanning.cft.yaml @@ -61,23 +61,14 @@ Conditions: Fn::Equals: - Ref: IsOrganizational - 'true' - IsNotOrganizational: + IsLambdaEnabled: Fn::Equals: - - Ref: IsOrganizational - - 'false' - IsNotOrganizationalAndLambdaEnabled: - Fn::And: - - Fn::Equals: - - Ref: IsOrganizational - - 'false' - - Fn::Equals: - - Ref: LambdaScanningEnabled - - 'true' + - Ref: LambdaScanningEnabled + - 'true' Resources: ScanningRole: Type: AWS::IAM::Role - Condition: IsNotOrganizational Properties: RoleName: !Sub sysdig-vm-workload-scanning-${NameSuffix} AssumeRolePolicyDocument: @@ -94,7 +85,6 @@ Resources: Ref: ExternalID ECRPolicy: Type: AWS::IAM::Policy - Condition: IsNotOrganizational Properties: PolicyName: !Sub sysdig-vm-workload-scanning-${NameSuffix}-ecr Roles: @@ -112,7 +102,7 @@ Resources: Resource: '*' LambdaPolicy: Type: AWS::IAM::Policy - Condition: IsNotOrganizationalAndLambdaEnabled + Condition: IsLambdaEnabled Properties: PolicyName: !Sub sysdig-vm-workload-scanning-${NameSuffix}-lambda Roles:
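Review bot: Any reference to `IsNotOrganizational` or `IsNotOrganizationalAndLambdaEnabled` that survives outside these hunks (an `Outputs` entry, another resource's `Condition:`, an `Fn::If`) should fail template validation now that the first hunk deletes both from `Conditions`, so check the rest of the file before merging. Dropping `Condition` from `ScanningRole` here, and from `ECRPolicy` and `LambdaPolicy` in the next two hunks, means the externally assumable role and its policies are also created in the account where an organizational stack is deployed. If the resources gated by `IsOrganizational` (not shown) can create `sysdig-vm-workload-scanning-${NameSuffix}` in that same account, the fixed `RoleName` would collide. A comment above `ScanningRole` would record the intent, for example `# Created in both single-account and organizational deployments.`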
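Review bot: `ECRPolicy` loses its `Condition` in the second hunk, so the statement ending in `Resource: '*'` (visible as context at the top of the third hunk) now also applies in organizational deployments. The action list is outside the hunks, so this is a question rather than a finding: `ecr:GetAuthorizationToken` does need `*`, but repository-level read actions could sit in their own statement scoped with `Resource: !Sub arn:${AWS::Partition}:ecr:*:${AWS::AccountId}:repository/*`. The `ECRPolicy` body starts and ends outside the visible lines.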