diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4f56bea..b47dba6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- Add `iam:ListRoleTags` and `iam:UntagRole` permissions to the AWS operator role.
+
 ## [3.4.0] - 2024-01-16
 
 ### Changed
diff --git a/aws-operator-role/iam-policy.json b/aws-operator-role/iam-policy.json
index 6db9028..96b1686 100644
--- a/aws-operator-role/iam-policy.json
+++ b/aws-operator-role/iam-policy.json
@@ -49,6 +49,8 @@
                 "iam:PutRolePolicy",
                 "iam:RemoveRoleFromInstanceProfile",
                 "iam:TagRole",
+                "iam:ListRoleTags",
+                "iam:UntagRole",
                 "iam:UpdateAssumeRolePolicy",
                 "iam:UpdateRoleDescription",
                 "kms:*",