diff --git a/website/content/docs/ecs/deploy/manual.mdx b/website/content/docs/ecs/deploy/manual.mdx
index 708a49213a..52b0bda05b 100644
--- a/website/content/docs/ecs/deploy/manual.mdx
+++ b/website/content/docs/ecs/deploy/manual.mdx
@@ -247,7 +247,8 @@ On the Consul server, create a policy that grants the following access for the c
 
 - `acl:write` 
 - `operator:write` 
-- `node:write` 
+- `node:write`
+- `service:write`
 
 The policy allows Consul to generate a token linked to the policy. Refer to [Create a service token](/consul/docs/security/acl/tokens/create/create-a-service-token) for instructions.
 
diff --git a/website/content/docs/ecs/deploy/terraform.mdx b/website/content/docs/ecs/deploy/terraform.mdx
index 623fdb87e3..c091ff4596 100644
--- a/website/content/docs/ecs/deploy/terraform.mdx
+++ b/website/content/docs/ecs/deploy/terraform.mdx
@@ -212,7 +212,8 @@ Verify that you have completed the prerequisites described in [Secure configurat
 
     - `acl:write`
     - `operator:write` 
-    - `node:write` 
+    - `node:write`
+    - `service:write`
     
     The policy allows Consul to generate a token linked to the policy. Refer to [Create a service token](/consul/docs/security/acl/tokens/create/create-a-service-token) for instructions.
 1. Create a token and link it to the ACL controller policy. Refer to the [ACL tokens documentation](/consul/docs/security/acl/tokens) for instructions.