diff --git a/packages/cdk/nagSuppressions.ts b/packages/cdk/nagSuppressions.ts
index c115c43e4e..92c00d0fbb 100644
--- a/packages/cdk/nagSuppressions.ts
+++ b/packages/cdk/nagSuppressions.ts
@@ -20,6 +20,28 @@ export const nagSuppressions = (stack: Stack) => {
       ]
     )
 
+    safeAddNagSuppression(
+      stack,
+      "/StatefulStack/Cognito/UserPoolDomain/CloudFrontDomainName/CustomResourcePolicy/Resource",
+      [
+        {
+          id: "AwsSolutions-IAM5",
+          reason: "Suppress error for wildcard permissions. This is an auto generated one for cognito domain"
+        }
+      ]
+    )
+
+    safeAddNagSuppression(
+      stack,
+      "/StatefulStack/AWS679f53fac002430cb0da5b7982bd2287/ServiceRole/Resource",
+      [
+        {
+          id: "AwsSolutions-IAM4",
+          reason: "Suppress error for using AWS managed policy. This is an auto generated one for cognito domain"
+        }
+      ]
+    )
+
     safeAddNagSuppressionGroup(
       stack,
       [