diff --git a/modules/iam-group-with-policies/policies.tf b/modules/iam-group-with-policies/policies.tf
index 2b021c8c..5a880c11 100644
--- a/modules/iam-group-with-policies/policies.tf
+++ b/modules/iam-group-with-policies/policies.tf
@@ -53,7 +53,10 @@ data "aws_iam_policy_document" "iam_self_management" {
       "iam:DeleteAccessKey",
       "iam:ListAccessKeys",
       "iam:UpdateAccessKey",
-      "iam:GetAccessKeyLastUsed"
+      "iam:GetAccessKeyLastUsed",
+      "iam:TagUser",
+      "iam:ListUserTags",
+      "iam:UntagUser",
     ]
 
     resources = [