diff --git a/pkg/infrastructure/aws/clusterapi/iam.go b/pkg/infrastructure/aws/clusterapi/iam.go
index f5b2617f03e..c5ac6aaeaa0 100644
--- a/pkg/infrastructure/aws/clusterapi/iam.go
+++ b/pkg/infrastructure/aws/clusterapi/iam.go
@@ -71,6 +71,7 @@ var (
 						"elasticloadbalancing:RegisterTargets",
 						"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer",
 						"elasticloadbalancing:SetLoadBalancerPoliciesOfListener",
+						"elasticloadbalancing:SetSecurityGroups",
 						"kms:DescribeKey",
 					},
 					Resource: iamv1.Resources{
diff --git a/upi/aws/cloudformation/03_cluster_security.yaml b/upi/aws/cloudformation/03_cluster_security.yaml
index ece4aeb2dbf..d7e0876134d 100644
--- a/upi/aws/cloudformation/03_cluster_security.yaml
+++ b/upi/aws/cloudformation/03_cluster_security.yaml
@@ -542,6 +542,7 @@ Resources:
             - "elasticloadbalancing:RegisterTargets"
             - "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer"
             - "elasticloadbalancing:SetLoadBalancerPoliciesOfListener"
+            - "elasticloadbalancing:SetSecurityGroups"
             - "kms:DescribeKey"
             Resource: "*"