diff --git a/cmd/ftl-provisioner-cloudformation/postgres.go b/cmd/ftl-provisioner-cloudformation/postgres.go
index ad1421422..91106ea4b 100644
--- a/cmd/ftl-provisioner-cloudformation/postgres.go
+++ b/cmd/ftl-provisioner-cloudformation/postgres.go
@@ -93,17 +93,20 @@ func PostgresPostUpdate(ctx context.Context, secrets *secretsmanager.Client, byN
 return fmt.Errorf("failed to create database: %w", err)
 }
 }
- if _, err := db.ExecContext(ctx, fmt.Sprintf(`
- GRANT CONNECT ON DATABASE %s TO ftluser;
- GRANT USAGE ON SCHEMA public TO ftluser;
- GRANT USAGE ON SCHEMA public TO ftluser;
- GRANT CREATE ON SCHEMA public TO ftluser;
- GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO ftluser;
- GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO ftluser;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO ftluser;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO ftluser;
- `, resourceID)); err != nil {
- return fmt.Errorf("failed to grant FTL user privileges: %w", err)
+ statements := []string{
+ fmt.Sprintf("GRANT CONNECT ON DATABASE %s TO ftluser", resourceID),
+ "GRANT USAGE ON SCHEMA public TO ftluser",
+ "GRANT USAGE ON SCHEMA public TO ftluser",
+ "GRANT CREATE ON SCHEMA public TO ftluser",
+ "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO ftluser",
+ "GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO ftluser",
+ "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO ftluser",
+ "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO ftluser",
+ }
+ for _, stmt := range statements {
+ if _, err := db.ExecContext(ctx, stmt); err != nil {
+ return fmt.Errorf("failed to grant FTL user privileges: %w", err)
+ }
 }
 }
 }
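Review bot: The first element of `statements` still splices `resourceID` unquoted into `GRANT CONNECT ON DATABASE %s TO ftluser` with `fmt.Sprintf`. A database name cannot be bound as a query parameter, so it should be quoted as an identifier before formatting, for example `pq.QuoteIdentifier(resourceID)` if lib/pq is the driver, or checked against a strict name pattern. Where `resourceID` comes from is outside the hunk, and the `CREATE DATABASE` just above would need the same quoting so the names still match on case. Each statement is now its own `ExecContext` call with nothing visible wrapping them in a transaction, so a failure partway leaves a partial grant set; including the statement in the error, `fmt.Errorf("failed to grant FTL user privileges (%q): %w", stmt, err)`, would show which one failed. The duplicated `"GRANT USAGE ON SCHEMA public TO ftluser"` entry can be dropped; the body of `PostgresPostUpdate` starts and ends outside the hunk.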