diff --git a/kubernetes/kubernetes_secrets_to_external_secrets_gcp.sh b/kubernetes/kubernetes_secrets_to_external_secrets_gcp.sh
index bcb282b7..d4ed1130 100755
--- a/kubernetes/kubernetes_secrets_to_external_secrets_gcp.sh
+++ b/kubernetes/kubernetes_secrets_to_external_secrets_gcp.sh
@@ -35,8 +35,8 @@ For every secret, performs the following actions via kubernetes_secrets_to_exter
   - if it does, validates that its content matches the existing secret in Kubernetes
 - creates external secret in the same namespace
 - omits:
-  - kubernetes\.io/service-account-token
-  - secrets ending in *-tls because they are usually generated and managed by Cert Manager automatically
+  - type kubernetes.io/service-account-token
+  - type tls with Cert Manager annotation
 
 Useful to migrate existing secrets to external secrets referencing GCP Secret Manager