diff --git a/provider/indexer-aws/CloudFormation/Automated/elasticsearch.yml b/provider/indexer-aws/CloudFormation/Automated/elasticsearch.yml
index b309e03a0c1b8e6b114866630b9529377692c26b..9127bae2d74be0527eb17b1b0ee3c4c221e13a5f 100644
--- a/provider/indexer-aws/CloudFormation/Automated/elasticsearch.yml
+++ b/provider/indexer-aws/CloudFormation/Automated/elasticsearch.yml
@@ -194,6 +194,7 @@ Resources:
                     !Sub "${Environment}-IndexerServiceIamUserArn"
                   # TODO: need to create cognito user and identity pool and link it to principal for dynamic creation
                 - "arn:aws:iam::888733619319:role/Cognito_osduelasticsearchAuth_Role"
+                - 'arn:aws:cognito-idp:us-east-1:888733619319:userpool/us-east-1_JZGntWnCb'
             Action:
               - "es:*"
               - 'cognito-identity:*'