diff --git a/templates/git2s3.template.yaml b/templates/git2s3.template.yaml
index e7e7212..b0ae329 100644
--- a/templates/git2s3.template.yaml
+++ b/templates/git2s3.template.yaml
@@ -616,7 +616,21 @@ Resources:
                   - codebuild:BatchGetBuilds
                 Resource:
                   - !GetAtt GitPullCodeBuild.Arn
-
+              - Effect: Allow
+                Action:
+                  - 'ec2:CreateNetworkInterface'
+                  - 'ec2:DescribeDhcpOptions'
+                  - 'ec2:DescribeNetworkInterfaces'
+                  - 'ec2:DeleteNetworkInterface'
+                  - 'ec2:DescribeSubnets'
+                  - 'ec2:DescribeSecurityGroups'
+                  - 'ec2:DescribeVpcs'
+                Resource:
+                  - '*'
+              - Effect: Allow
+                Action:
+                  - 'ec2:CreateNetworkInterfacePermission'
+                Resource: !Sub 'arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:network-interface/*'
   GitPullCodeBuild:
       Type: AWS::CodeBuild::Project
       Properties:
@@ -625,6 +639,7 @@ Resources:
           - SecurityGroupIds:
               - !Ref 'GitPullSecurityGroup'
             Subnets: !Ref 'SubnetIds'
+            VpcId: !Ref VPCId
           - !Ref 'AWS::NoValue'
         Artifacts:
           Type: NO_ARTIFACTS