diff --git a/modules/products/static-site/iam.tf b/modules/products/static-site/iam.tf
index aecd41f..40acf80 100644
--- a/modules/products/static-site/iam.tf
+++ b/modules/products/static-site/iam.tf
@@ -95,4 +95,15 @@ data "aws_iam_policy_document" "static_site_policy_document" {
       aws_kms_key.static_site_kms.arn,
     ]
   }
+  statement {
+    sid = "Cloudfront"
+
+    actions = [
+      "cloudfront:CreateInvalidation"
+    ]
+
+    resources = [
+      aws_cloudfront_distribution.static_site_distribution.arn,
+    ]
+  }
 }