diff --git a/plugins/discovery-ec2/build.gradle b/plugins/discovery-ec2/build.gradle
index 5107bb9051bd1..b57d6bce26633 100644
--- a/plugins/discovery-ec2/build.gradle
+++ b/plugins/discovery-ec2/build.gradle
@@ -72,7 +72,10 @@ tasks.register("writeTestJavaPolicy") {
           "permission org.bouncycastle.crypto.CryptoServicesPermission \"exportSecretKey\";",
           "permission org.bouncycastle.crypto.CryptoServicesPermission \"exportPrivateKey\";",
           "permission java.io.FilePermission \"\${javax.net.ssl.trustStore}\", \"read\";",
-          "  permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
+          "permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
+          "permission java.security.SecurityPermission \"getProperty.jdk.tls.disabledAlgorithms\";",
+          "permission java.security.SecurityPermission \"getProperty.jdk.certpath.disabledAlgorithms\";",
+          "permission java.security.SecurityPermission \"getProperty.keystore.type.compat\";",
           "};"
         ].join("\n")
       )
diff --git a/plugins/discovery-ec2/src/main/plugin-metadata/plugin-security.policy b/plugins/discovery-ec2/src/main/plugin-metadata/plugin-security.policy
index 5c4dcb01c7251..40a08f3c7d48f 100644
--- a/plugins/discovery-ec2/src/main/plugin-metadata/plugin-security.policy
+++ b/plugins/discovery-ec2/src/main/plugin-metadata/plugin-security.policy
@@ -18,9 +18,4 @@ grant {
   permission java.net.SocketPermission "*", "connect";
 
   permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
-
-  // required for fips
-  permission java.security.SecurityPermission "getProperty.jdk.tls.disabledAlgorithms";
-  permission java.security.SecurityPermission "getProperty.jdk.certpath.disabledAlgorithms";
-  permission java.security.SecurityPermission "getProperty.keystore.type.compat";
 };