diff --git a/README.md b/README.md
index 37a96897..e078a33d 100644
--- a/README.md
+++ b/README.md
@@ -436,6 +436,7 @@ Instead of using default policy SecurityAudit for the account you use for checks
             "kms:list*",
             "lambda:getpolicy",
             "lambda:listfunctions",
+            "logs:DescribeMetricFilters",
             "rds:describe*",
             "rds:downloaddblogfileportion",
             "rds:listtagsforresource",