diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/s3/PostPolicyGenerator.java b/service/src/main/java/org/whispersystems/textsecuregcm/s3/PostPolicyGenerator.java
index 744891e8e..7b8e18d5e 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/s3/PostPolicyGenerator.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/s3/PostPolicyGenerator.java
@@ -13,40 +13,42 @@ import org.whispersystems.textsecuregcm.util.Pair;
 public class PostPolicyGenerator {
- public static final DateTimeFormatter AWS_DATE_TIME = DateTimeFormatter.ofPattern("yyyyMMdd'T'HHmmssX");
- private static final DateTimeFormatter CREDENTIAL_DATE = DateTimeFormatter.ofPattern("yyyyMMdd" );
+ public static final DateTimeFormatter AWS_DATE_TIME = DateTimeFormatter.ofPattern("yyyyMMdd'T'HHmmssX");
+ private static final DateTimeFormatter CREDENTIAL_DATE = DateTimeFormatter.ofPattern("yyyyMMdd");
 private final String region;
 private final String bucket;
 private final String awsAccessId;
- public PostPolicyGenerator(String region, String bucket, String awsAccessId) {
- this.region = region;
- this.bucket = bucket;
+ public PostPolicyGenerator(final String region, final String bucket, final String awsAccessId) {
+ this.region = region;
+ this.bucket = bucket;
 this.awsAccessId = awsAccessId;
 }
- public Pair createFor(ZonedDateTime now, String object, int maxSizeInBytes) {
- String expiration = now.plusMinutes(30).format(DateTimeFormatter.ISO_INSTANT);
- String credentialDate = now.format(CREDENTIAL_DATE);
- String requestDate = now.format(AWS_DATE_TIME);
- String credential = String.format("%s/%s/%s/s3/aws4_request", awsAccessId, credentialDate, region);
+ public Pair createFor(final ZonedDateTime now, final String object, final int maxSizeInBytes) {
+ final String expiration = now.plusMinutes(30).format(DateTimeFormatter.ISO_INSTANT);
+ final String credentialDate = now.format(CREDENTIAL_DATE);
+ final String requestDate = now.format(AWS_DATE_TIME);
+ final String credential = String.format("%s/%s/%s/s3/aws4_request", awsAccessId, credentialDate, region);
- String policy = String.format("{ \"expiration\": \"%s\",\n" +
- " \"conditions\": [\n" +
- " {\"bucket\": \"%s\"},\n" +
- " {\"key\": \"%s\"},\n" +
- " {\"acl\": \"private\"},\n" +
- " [\"starts-with\", \"$Content-Type\", \"\"],\n" +
- " [\"content-length-range\", 1, " + maxSizeInBytes + "],\n" +
- "\n" +
- " {\"x-amz-credential\": \"%s\"},\n" +
- " {\"x-amz-algorithm\": \"AWS4-HMAC-SHA256\"},\n" +
- " {\"x-amz-date\": \"%s\" }\n" +
- " ]\n" +
- "}", expiration, bucket, object, credential, requestDate);
+ final String policy = String.format("""
+ {
+ "expiration": "%s",
+ "conditions": [
+ {"bucket": "%s"},
+ {"key": "%s"},
+ {"acl": "private"},
+ ["starts-with", "$Content-Type", ""],
+ ["content-length-range", 1, %d],
+
+ {"x-amz-credential": "%s"},
+ {"x-amz-algorithm": "AWS4-HMAC-SHA256"},
+ {"x-amz-date": "%s" }
+ ]
+ }
+ """, expiration, bucket, object, maxSizeInBytes, credential, requestDate);
 return new Pair<>(credential, Base64.getEncoder().encodeToString(policy.getBytes(StandardCharsets.UTF_8)));
 }
-
 }
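Review bot: `bucket` and `object` are still substituted into the policy JSON with a plain `%s` in `createFor`, so a key containing `"`, `\` or a control character produces a malformed policy document, or one whose conditions differ from what the code intends to sign. The move to a text block leaves that behaviour unchanged, and the callers of `createFor` are not visible here, so it needs confirming whether `object` can ever carry caller-influenced characters. Either build the document with a JSON serializer already available to the module, or reject unexpected keys before formatting, for example `if (!object.matches("[A-Za-z0-9_./-]+")) throw new IllegalArgumentException("unexpected object key");` (the character set shown is a constructed example and should match the real key format). A one-line comment on `["starts-with", "$Content-Type", ""]` stating that any content type is deliberately accepted would also help the next reviewer.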