diff --git a/examples/setup/environment.tf b/examples/setup/environment.tf
index 796adaf..ddbec9b 100644
--- a/examples/setup/environment.tf
+++ b/examples/setup/environment.tf
@@ -46,9 +46,7 @@ resource "bytebase_policy" "rollout_policy" {
     automatic = true
     roles = [
       "roles/workspaceAdmin",
-      "roles/projectOwner",
-      "roles/LAST_APPROVER",
-      "roles/CREATOR"
+      "roles/projectOwner"
     ]
   }
 }
diff --git a/provider/data_source_policy.go b/provider/data_source_policy.go
index 46af943..2553ff5 100644
--- a/provider/data_source_policy.go
+++ b/provider/data_source_policy.go
@@ -320,11 +320,6 @@ func getDataSourceQueryPolicySchema(computed bool) *schema.Schema {
 	}
 }
 
-const (
-	issueLastApproverRole = "roles/LAST_APPROVER"
-	issueCreatorRole      = "roles/CREATOR"
-)
-
 func getRolloutPolicySchema(computed bool) *schema.Schema {
 	return &schema.Schema{
 		Computed:    computed,
@@ -348,10 +343,8 @@ func getRolloutPolicySchema(computed bool) *schema.Schema {
 					Description: "If any roles are specified, Bytebase requires users with those roles to manually roll out the change.",
 					Elem: &schema.Schema{
 						Type:        schema.TypeString,
-						Description: fmt.Sprintf(`Role full name in roles/{id} format. You can also use the "%s" for the last approver of the issue, or "%s" for the creator of the issue.`, issueLastApproverRole, issueCreatorRole),
+						Description: `Role full name in roles/{id} format.`,
 						ValidateDiagFunc: internal.ResourceNameValidation(
-							fmt.Sprintf("^%s$", issueLastApproverRole),
-							fmt.Sprintf("^%s$", issueCreatorRole),
 							fmt.Sprintf("^%s", internal.RoleNamePrefix),
 						),
 					},
diff --git a/provider/resource_policy.go b/provider/resource_policy.go
index 19368a0..c8eaf6a 100644
--- a/provider/resource_policy.go
+++ b/provider/resource_policy.go
@@ -496,11 +496,7 @@ func convertToRolloutPolicy(d *schema.ResourceData) (*v1pb.RolloutPolicy, error)
 
 	for _, rawRole := range roles.List() {
 		role := rawRole.(string)
-		if role == issueLastApproverRole || role == issueCreatorRole {
-			policy.IssueRoles = append(policy.IssueRoles, role)
-		} else {
-			policy.Roles = append(policy.Roles, role)
-		}
+		policy.Roles = append(policy.Roles, role)
 	}
 
 	return policy, nil
diff --git a/tutorials/1-2-env-policy-rollout.tf b/tutorials/1-2-env-policy-rollout.tf
index 845b0db..5055d1a 100644
--- a/tutorials/1-2-env-policy-rollout.tf
+++ b/tutorials/1-2-env-policy-rollout.tf
@@ -7,9 +7,7 @@ resource "bytebase_policy" "rollout_policy_test" {
     automatic = true
     roles = [
       "roles/workspaceAdmin",
-      "roles/projectOwner",
-      "roles/LAST_APPROVER",
-      "roles/CREATOR"
+      "roles/projectOwner"
     ]
   }
 }
@@ -23,9 +21,7 @@ resource "bytebase_policy" "rollout_policy_prod" {
     automatic = false
     roles = [
       "roles/workspaceAdmin",
-      "roles/projectOwner",
-      "roles/LAST_APPROVER",
-      "roles/CREATOR"
+      "roles/projectOwner"
     ]
   }
 }
\ No newline at end of file