diff --git a/modules/services/trust-relationship/main.tf b/modules/services/trust-relationship/main.tf
index 21834e1..1b78b72 100644
--- a/modules/services/trust-relationship/main.tf
+++ b/modules/services/trust-relationship/main.tf
@@ -89,6 +89,20 @@ data "aws_iam_policy_document" "custom_resources_policy" {
       "*",
     ]
   }
+
+  statement {
+    sid = "GetRuntimeManagementConfig"
+
+    effect = "Allow"
+
+    actions = [
+      "lambda:GetRuntimeManagementConfig",
+    ]
+
+    resources = [
+      "*"
+    ]
+  }
 }
 
 #----------------------------------------------------------
@@ -150,6 +164,10 @@ Resources:
                 Effect: "Allow"
                 Action: "macie2:ListClassificationJobs"
                 Resource: "*"
+              - Sid: "GetRuntimeManagementConfig"
+                Effect: "Allow"
+                Action: "lambda:GetRuntimeManagementConfig"
+                Resource: "*"
 TEMPLATE
 }