diff --git a/terraform/playground/instance.tf b/terraform/playground/instance.tf
index 4bb8e10d0..8bbfec45b 100644
--- a/terraform/playground/instance.tf
+++ b/terraform/playground/instance.tf
@@ -266,7 +266,8 @@ resource "aws_instance" "playground2" {
 }
 tags = {
- Name = "play-2"
+ Name = "play-2"
+ Service = "playground"
 }
 lifecycle {
diff --git a/terraform/team-members-access/infra-deploy-playground.tf b/terraform/team-members-access/infra-deploy-playground.tf
index fdf7dafa1..26e4b9c5f 100644
--- a/terraform/team-members-access/infra-deploy-playground.tf
+++ b/terraform/team-members-access/infra-deploy-playground.tf
@@ -30,6 +30,29 @@ resource "aws_iam_group_policy" "infra_deploy_playground" {
 "arn:aws:ssm:us-west-1:890664054962:parameter/staging/ansible/all/*",
 ]
 },
+ {
+ "Effect" : "Allow",
+ "Action" : "ec2-instance-connect:SendSSHPublicKey",
+ "Resource" : [
+ "arn:aws:ec2:*:*:instance/*",
+ ],
+ "Condition" : {
+ "StringEquals" : {
+ "ec2:osuser" : "shep",
+ "ec2:ResourceTag/Service" : "playground"
+ }
+ }
+ },
+ {
+ "Effect" : "Allow",
+ "Action" : [
+ "ec2:DescribeInstances",
+ "ec2:DescribeVpcs"
+ ],
+ "Resource" : [
+ "arn:aws:ec2:*:*:instance/*",
+ ],
+ }
 ]
 })
 }
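Review bot: The new `Service = "playground"` tag in the `tags` block of `aws_instance.playground2` is an authorization input rather than a label, and nothing at the tag says so. The policy added in the second file matches on `ec2:ResourceTag/Service`, so adding, changing or removing this tag changes who can push an SSH key to the instance. I would add a comment above it such as `# Matched by ec2:ResourceTag/Service in team-members-access/infra-deploy-playground.tf; controls EC2 Instance Connect access`. It is also worth confirming who holds `ec2:CreateTags` in this account, since that permission can now make any instance eligible. The resource block starts and ends outside the hunk, so any other playground instances that need the same tag are not visible here.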
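Review bot: The second added statement probably grants nothing, because `ec2:DescribeInstances` and `ec2:DescribeVpcs` do not support resource-level permissions and only match when the resource is a wildcard. Its `"Resource"` list should be replaced with `"Resource" : "*"`. In the `SendSSHPublicKey` statement the ARN `arn:aws:ec2:*:*:instance/*` leaves region and account open, so the tag condition is the only thing limiting which instances are reachable. The existing SSM statement pins `us-west-1:890664054962`, so if the playground hosts live there (not visible in this hunk) I would use `"arn:aws:ec2:us-west-1:890664054962:instance/*"` for consistency and defence in depth. The policy document continues outside the hunk.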