diff --git a/README.md b/README.md index d331cdf..840d178 100644 --- a/README.md +++ b/README.md @@ -168,6 +168,7 @@ Available targets: | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [access\_policies](#input\_access\_policies) | JSON string for the IAM policy document specifying the access policies for the domain. | `string` | `""` | no | | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no | | [advanced\_options](#input\_advanced\_options) | Key-value string pairs to specify advanced configuration options | `map(string)` | `{}` | no | | [advanced\_security\_options\_enabled](#input\_advanced\_security\_options\_enabled) | AWS Elasticsearch Kibana enchanced security plugin enabling (forces new resource) | `bool` | `false` | no | diff --git a/docs/terraform.md b/docs/terraform.md index 57ea59c..bb1b841 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -43,6 +43,7 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [access\_policies](#input\_access\_policies) | JSON string for the IAM policy document specifying the access policies for the domain. | `string` | `""` | no | | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no | | [advanced\_options](#input\_advanced\_options) | Key-value string pairs to specify advanced configuration options | `map(string)` | `{}` | no | | [advanced\_security\_options\_enabled](#input\_advanced\_security\_options\_enabled) | AWS Elasticsearch Kibana enchanced security plugin enabling (forces new resource) | `bool` | `false` | no |
diff --git a/elasticsearch_domain.tf b/elasticsearch_domain.tf
index 2d3071e..9c4cc7f 100644
--- a/elasticsearch_domain.tf
+++ b/elasticsearch_domain.tf
@@ -3,9 +3,9 @@
 #
 resource "aws_elasticsearch_domain_policy" "default" {
- count = local.elasticsearch_enabled && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0
+ count = local.elasticsearch_enabled && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0 || length(var.access_policies) > 0) ? 1 : 0
 domain_name = module.this.id
- access_policies = join("", data.aws_iam_policy_document.default[*].json)
+ access_policies = coalesce(var.access_policies, join("", data.aws_iam_policy_document.default[*].json))
 }
 resource "aws_elasticsearch_domain" "default" {
diff --git a/variables.tf b/variables.tf
index 805bf70..c70f5ee 100644
--- a/variables.tf
+++ b/variables.tf
@@ -448,3 +448,12 @@ variable "auto_tune" {
 }
 }
+variable "access_policies" {
+ description = "JSON string for the IAM policy document specifying the access policies for the domain."
+ type = string
+ default = ""
+ validation {
+ condition = var.access_policies == "" || try(jsondecode(var.access_policies), null) != null
+ error_message = "The access_policies JSON string is not valid."
+ }
+}
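Review bot: In `aws_elasticsearch_domain_policy.default` (elasticsearch_domain.tf), `coalesce(var.access_policies, ...)` makes a non-empty `access_policies` replace the generated policy document wholesale, so any `iam_role_arns` or `iam_authorizing_role_arns` the caller also passes are dropped without warning. Because this is the domain's resource-based policy, a hand-written document broader than the generated one takes effect with no signal other than the attribute diff in the plan. State the precedence next to the expression, e.g. `# var.access_policies, when set, replaces the generated policy; it is not merged with it`, and consider rejecting the combination of both inputs instead of silently preferring one. The `aws_elasticsearch_domain` resource opened on the hunk's last line continues outside the hunk.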
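Review bot: The `validation` block on `access_policies` (variables.tf) only proves that the string parses as JSON, so values such as `"[]"` or `"1"` pass and are presumably rejected only later by the AWS API, and nothing about the policy's shape is checked. A tighter one-line condition is `condition = var.access_policies == "" || can(jsondecode(var.access_policies).Statement)`, which at least requires an object with a `Statement` key. The `description` should also say that a non-empty value overrides the policy generated from `iam_role_arns` and `iam_authorizing_role_arns`, leaving the caller responsible for scoping `Principal` and conditions. A `null` value would likely fail in `length(var.access_policies)` in elasticsearch_domain.tf; confirm whether `nullable = false` is usable on the Terraform versions this module supports.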