diff --git a/patterns/privatelink-access/client.tf b/patterns/privatelink-access/client.tf
index 7e82674496..ff0ad87691 100644
--- a/patterns/privatelink-access/client.tf
+++ b/patterns/privatelink-access/client.tf
@@ -82,7 +82,8 @@ resource "aws_iam_policy" "eks_full_access_policy" {
     Statement = [
       {
         Action = [
-          "eks:*"
+          "eks:DescribeCluster", 
+          "eks:ListClusters"
         ]
         Effect   = "Allow"
         Resource = module.eks.cluster_arn