diff --git a/terraform/modules/iam_role_policy/aws_broker/policy.json b/terraform/modules/iam_role_policy/aws_broker/policy.json
index f5bbb88d..bf691619 100644
--- a/terraform/modules/iam_role_policy/aws_broker/policy.json
+++ b/terraform/modules/iam_role_policy/aws_broker/policy.json
@@ -199,6 +199,16 @@
       "Resource": [
         "*"
       ]
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "logs:TagResource"
+      ],
+      "Resource": [
+        "arn:${aws_partition}:logs:${aws_default_region}:${account_id}:log-group:/aws/rds/instance/cg-aws-broker*/*",
+        "arn:${aws_partition}:logs:${aws_default_region}:${account_id}:log-group:/aws/OpenSearchService/domains/cg-broker*/*"
+      ]
     }
   ]
 }