diff --git a/README.md b/README.md
index 6d62d03..89cd62e 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,7 @@ Comment in these badges if they apply to the repository.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [access\_points](#input\_access\_points) | List of access points to create. | map(object({
posix_user = optional(object({
gid = number
uid = number
secondary_gids = optional(list(number))
}))
root_directory = optional(object({
path = string
creation_info = optional(object({
owner_gid = number
owner_uid = number
permissions = string
}))
}))
})) | `{}` | no |
-| [aws\_iam\_principals](#input\_aws\_iam\_principals) | AWS IAM principals which will be allowed to access the file system via the EFS policy. | `list(string)` | `[]` | no |
+| [aws\_iam\_principals](#input\_aws\_iam\_principals) | AWS IAM principals which will be allowed to access the file system via the EFS policy. | `list(string)` | [
"*"
]
| no |
| [bypass\_policy\_lockout\_safety\_check](#input\_bypass\_policy\_lockout\_safety\_check) | A flag to indicate whether to bypass the aws\_efs\_file\_system\_policy lockout safety check. | `bool` | `false` | no |
| [enable\_customer\_managed\_kms](#input\_enable\_customer\_managed\_kms) | If enabled, will create a customer managed KMS key for at-rest encryption. | `bool` | `false` | no |
| [enable\_enhanced\_backups](#input\_enable\_enhanced\_backups) | Enable enhanced backups. | `bool` | `false` | no |
diff --git a/variables.tf b/variables.tf
index bb95891..a9e93ad 100644
--- a/variables.tf
+++ b/variables.tf
@@ -105,7 +105,7 @@ variable "access_points" {
variable "aws_iam_principals" {
description = "AWS IAM principals which will be allowed to access the file system via the EFS policy."
- default = []
+ default = ["*"]
type = list(string)
}