diff --git a/modules/karpenter/policy.tf b/modules/karpenter/policy.tf
index 26c0b235c0..b9068d7b60 100644
--- a/modules/karpenter/policy.tf
+++ b/modules/karpenter/policy.tf
@@ -585,7 +585,7 @@ data "aws_iam_policy_document" "v1" {
     condition {
       test     = "StringEquals"
       variable = "iam:PassedToService"
-      values   = ["ec2.${local.dns_suffix}"]
+      values   = distinct(["ec2.${local.dns_suffix}", "ec2.amazonaws.com"])
     }
   }