diff --git a/README.md b/README.md
index a3535a1..f392b82 100644
--- a/README.md
+++ b/README.md
@@ -135,6 +135,11 @@ The audit policy is comprised of the following permissions:
 | | apigatewayv2:GetRouteResponses | |
 | | apigatewayv2:GetStages | |
 | | apigatewayv2:GetVpcLinks | |
+| WAFREGIONAL | waf-regional:ListRules | * |
+| | waf-regional:GetRule | |
+| | waf-regional:ListRuleGroups | |
+| | waf-regional:GetRuleGroup | |
+| | waf-regional:ListActivatedRulesInRuleGroup | |
 | GLUE | glue:ListWorkflows | * |
 | | glue:BatchGetWorkflows | |
 | | glue:GetTags | |
diff --git a/main.tf b/main.tf
index c43ce1f..c3a630b 100644
--- a/main.tf
+++ b/main.tf
@@ -134,6 +134,15 @@ data "aws_iam_policy_document" "lacework_audit_policy" {
 "apigatewayv2:GetVpcLinks"]
 resources = ["*"]
 }
+ statement {
+ sid = "WAFREGIONAL"
+ actions = ["waf-regional:ListRules",
+ "waf-regional:GetRule",
+ "waf-regional:ListRuleGroups",
+ "waf-regional:GetRuleGroup",
+ "waf-regional:ListActivatedRulesInRuleGroup"]
+ resources = ["*"]
+ }
 statement {
 sid = "GLUE"
 actions = ["glue:ListWorkflows",
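Review bot: The new WAFREGIONAL statement in main.tf only lets the auditor enumerate rules and rule groups, not the web ACLs they are attached to or the resources those ACLs protect, so an audit built on these five actions cannot tell which rules are actually enforced anywhere; if that coverage is intended, extend the `actions` list with `"waf-regional:ListWebACLs", "waf-regional:GetWebACL", "waf-regional:ListResourcesForWebACL"` (and the matching README rows). Note that `waf-regional:*` is the WAF Classic API namespace and grants nothing over WAFv2 web ACLs, which live under separate `wafv2:` actions — whether this policy already has a WAFv2 statement is outside this hunk, so worth confirming rather than assuming. The `resources = ["*"]` scope is consistent with the neighbouring read-only statements and all listed actions are List/Get, so no write capability is introduced. The enclosing `aws_iam_policy_document` data block starts before and ends after this hunk.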