diff --git a/doc_source/configuration-vpc.md b/doc_source/configuration-vpc.md index 8ac162f6..61e86e91 100755 --- a/doc_source/configuration-vpc.md +++ b/doc_source/configuration-vpc.md @@ -38,6 +38,8 @@ Lambda uses your function's permissions to create and manage network interfaces\ + **ec2:CreateNetworkInterface** + **ec2:DescribeNetworkInterfaces** + **ec2:DeleteNetworkInterface** ++ **ec2:AssignPrivateIpAddresses** ++ **ec2:UnassignPrivateIpAddresses** These permissions are included in the AWS managed policy **AWSLambdaVPCAccessExecutionRole**\. @@ -310,4 +312,4 @@ You can use the following sample AWS CloudFormation templates to create VPC conf + [vpc\-private\.yaml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/main/templates/vpc-private.yaml) – A VPC with two private subnets and VPC endpoints for Amazon Simple Storage Service \(Amazon S3\) and Amazon DynamoDB\. Use this template to create a VPC for functions that don't need internet access\. This configuration supports use of Amazon S3 and DynamoDB with the AWS SDKs, and access to database resources in the same VPC over a local network connection\. + [vpc\-privatepublic\.yaml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/main/templates/vpc-privatepublic.yaml) – A VPC with two private subnets, VPC endpoints, a public subnet with a NAT gateway, and an internet gateway\. Internet\-bound traffic from functions in the private subnets is routed to the NAT gateway using a route table\. -To create a VPC using a template, on the AWS CloudFormation console [Stacks page](https://console.aws.amazon.com/cloudformation/home#/stacks), choose **Create stack**, and then follow the instructions in the **Create stack** wizard\. \ No newline at end of file +To create a VPC using a template, on the AWS CloudFormation console [Stacks page](https://console.aws.amazon.com/cloudformation/home#/stacks), choose **Create stack**, and then follow the instructions in the **Create stack** wizard\.
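Review bot: In the first hunk, the unchanged sentence right after the list ("These permissions are included in the AWS managed policy **AWSLambdaVPCAccessExecutionRole**") now also covers the two added entries, **ec2:AssignPrivateIpAddresses** and **ec2:UnassignPrivateIpAddresses**, but nothing in the patch shows that the managed policy grants them. Please confirm that it does before merging, or reword that sentence so it makes no claim about the new actions. The surrounding text describes the list only as permissions to "create and manage network interfaces", so a short clause on when Lambda assigns or unassigns private IP addresses would help readers who build a custom execution role from this list decide whether they need the two actions, rather than copying them without a reason. The second hunk only adds the missing newline at end of file and needs no change.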