diff --git a/src/shared/awsagent/roles.go b/src/shared/awsagent/roles.go
index ba28694a5..54921c7ef 100644
--- a/src/shared/awsagent/roles.go
+++ b/src/shared/awsagent/roles.go
@@ -82,7 +82,8 @@ func (a *Agent) CreateOtterizeIAMRole(ctx context.Context, namespaceName, accoun
 					Value: aws.String(a.clusterName),
 				},
 			},
-			Description: aws.String(iamRoleDescription),
+			Description:         aws.String(iamRoleDescription),
+			PermissionsBoundary: aws.String(fmt.Sprintf("arn:aws:iam::%s:policy/%s-limit-iam-permission-boundary", a.accountID, a.clusterName)),
 		})
 
 		if createRoleError != nil {