diff --git a/enos/modules/aws_boundary/iam.tf b/enos/modules/aws_boundary/iam.tf
index 3c6aea894d..46f3c831e0 100644
--- a/enos/modules/aws_boundary/iam.tf
+++ b/enos/modules/aws_boundary/iam.tf
@@ -32,8 +32,9 @@ data "aws_iam_policy_document" "boundary_profile" {
 }
 
 resource "aws_iam_role" "boundary_instance_role" {
-  name               = "boundary_instance_role-${random_string.cluster_id.result}"
-  assume_role_policy = data.aws_iam_policy_document.boundary_instance_role.json
+  name                  = "boundary_instance_role-${random_string.cluster_id.result}"
+  assume_role_policy    = data.aws_iam_policy_document.boundary_instance_role.json
+  force_detach_policies = true
 }
 
 resource "aws_iam_instance_profile" "boundary_profile" {
diff --git a/enos/modules/aws_vault/iam.tf b/enos/modules/aws_vault/iam.tf
index 32dc26112c..2426490cd0 100644
--- a/enos/modules/aws_vault/iam.tf
+++ b/enos/modules/aws_vault/iam.tf
@@ -36,9 +36,10 @@ data "aws_iam_policy_document" "vault_profile" {
 }
 
 resource "aws_iam_role" "vault_instance_role" {
-  count              = var.deploy ? 1 : 0
-  name               = "vault_instance_role-${random_string.cluster_id.result}"
-  assume_role_policy = data.aws_iam_policy_document.vault_instance_role.json
+  count                 = var.deploy ? 1 : 0
+  name                  = "vault_instance_role-${random_string.cluster_id.result}"
+  assume_role_policy    = data.aws_iam_policy_document.vault_instance_role.json
+  force_detach_policies = true
 }
 
 resource "aws_iam_instance_profile" "vault_profile" {
diff --git a/enos/modules/aws_worker/iam.tf b/enos/modules/aws_worker/iam.tf
index 6bddbcd2c4..2ed467d124 100644
--- a/enos/modules/aws_worker/iam.tf
+++ b/enos/modules/aws_worker/iam.tf
@@ -58,8 +58,9 @@ data "aws_iam_policy_document" "combined_policy_document" {
 }
 
 resource "aws_iam_role" "boundary_instance_role" {
-  name               = "boundary_instance_role-${random_string.cluster_id.result}"
-  assume_role_policy = data.aws_iam_policy_document.boundary_instance_role.json
+  name                  = "boundary_instance_role-${random_string.cluster_id.result}"
+  assume_role_policy    = data.aws_iam_policy_document.boundary_instance_role.json
+  force_detach_policies = true
 }
 
 resource "aws_iam_instance_profile" "boundary_profile" {