diff --git a/example/vault/policies/acme-to-vault.hcl b/example/vault/policies/acme-to-vault.hcl
index b658d81..e6638d8 100644
--- a/example/vault/policies/acme-to-vault.hcl
+++ b/example/vault/policies/acme-to-vault.hcl
@@ -1,17 +1,17 @@
-path "kv/data/service/+/certs/*" {
+path "/kv/data/service/+/certs/*" {
 capabilities = ["read","create","update"]
 }
-path "kv/metadata/service/+/certs" {
+path "/kv/metadata/service/+/certs" {
 capabilities = ["list","read"]
 }
-path "kv/data/service/acme-to-vault/account/*" {
+path "/kv/data/service/acme-to-vault/account/*" {
 capabilities = ["read","create","update"]
 }
-path "kv/metadata/service/acme-to-vault/account/*" {
+path "/kv/metadata/service/acme-to-vault/account/*" {
 capabilities = ["list","read"]
 }
-path "kv/data/service/acme-to-vault" {
+path "/kv/data/service/acme-to-vault" {
 capabilities = ["read"]
 }
diff --git a/vault/policies/acme-to-vault.hcl b/vault/policies/acme-to-vault.hcl
index 764a3c4..bc07e7f 100644
--- a/vault/policies/acme-to-vault.hcl
+++ b/vault/policies/acme-to-vault.hcl
@@ -1,17 +1,17 @@
-path "[[ .vault.prefix ]]kv/data/service/+/certs/*" {
+path "[[ .vault.root ]]kv/data/service/+/certs/*" {
 capabilities = ["read","create","update"]
 }
-path "[[ .vault.prefix ]]kv/metadata/service/+/certs" {
+path "[[ .vault.root ]]kv/metadata/service/+/certs" {
 capabilities = ["list","read"]
 }
-path "[[ .vault.prefix ]]kv/data/service/[[ .instance ]]/account/*" {
+path "[[ .vault.root ]]kv/data/service/[[ .instance ]]/account/*" {
 capabilities = ["read","create","update"]
 }
-path "[[ .vault.prefix ]]kv/metadata/service/[[ .instance ]]/account/*" {
+path "[[ .vault.root ]]kv/metadata/service/[[ .instance ]]/account/*" {
 capabilities = ["list","read"]
 }
-path "[[ .vault.prefix ]]kv/data/service/[[ .instance ]]" {
+path "[[ .vault.root ]]kv/data/service/[[ .instance ]]" {
 capabilities = ["read"]
 }
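Review bot: The leading `/` added to all five paths in the example policy is not the form Vault's policy documentation uses, which writes paths relative to the API root (`kv/data/...`). As far as I know Vault strips one leading slash when it parses a policy, so the rules should still match, but that is worth confirming with `vault token capabilities` against a `kv/data/service/<name>/certs/...` path once the example is loaded. Separately, the `+` segment in the first two rules gives this policy read, create and update on the certs subtree of every service, not only its own. If that breadth is intended, a comment above the rule such as `# '+' is deliberate: acme-to-vault manages certs for all services` would make it reviewable.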
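Review bot: `[[ .vault.root ]]` is concatenated directly with `kv/` in all five rules of the template, so the rendered path is only correct when the value is empty or ends in `/` (the example policy appears to correspond to a value of `/`). A value without the trailing slash, say `team`, would render `teamkv/data/...` and silently point the policy at a different mount than the one intended. Documenting the expected form next to the variable's definition, e.g. `# vault.root must be empty or end with '/'`, or validating it before rendering would close that gap. Any references to `.vault.prefix` outside this diff would also need the rename; whether a missing key fails the render or yields an empty string depends on the template engine's settings, which are not visible here.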