diff --git a/main.tf b/main.tf
index 3e7d04d..d1971bc 100644
--- a/main.tf
+++ b/main.tf
@@ -37,12 +37,6 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
   count   = var.use_existing_iam_role_policy ? 0 : 1
   version = "2012-10-17"
 
-  statement {
-    sid       = "GetEbsEncryptionByDefault"
-    actions   = ["ec2:GetEbsEncryptionByDefault"]
-    resources = ["*"]
-  }
-
   statement {
     sid       = "GetBucketPublicAccessBlock"
     actions   = ["s3:GetBucketPublicAccessBlock"]
@@ -199,7 +193,6 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
       "backup:ListRecoveryPointsByResource",
       "backup:ListReportPlans",
       "backup:ListRestoreJobs",
-      "backup:ListTags",
     ]
     resources = ["*"]
   }