diff --git a/tests/test_core/test_auth.py b/tests/test_core/test_auth.py
index a8fde5d8c..767f743dc 100644
--- a/tests/test_core/test_auth.py
+++ b/tests/test_core/test_auth.py
@@ -275,7 +275,7 @@ def test_access_denied_with_not_allowing_policy():
     inline_policy_document = {
         "Version": "2012-10-17",
         "Statement": [
-            {"Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*"}
+            {"Effect": "Allow", "Action": ["ec2:Run*"], "Resource": "*"}
         ],
     }
     access_key = create_user_with_access_key_and_inline_policy(
@@ -288,12 +288,12 @@ def test_access_denied_with_not_allowing_policy():
         aws_secret_access_key=access_key["SecretAccessKey"],
     )
     with assert_raises(ClientError) as ex:
-        client.run_instances(MaxCount=1, MinCount=1)
+        client.describe_instances()
     ex.exception.response["Error"]["Code"].should.equal("AccessDenied")
     ex.exception.response["ResponseMetadata"]["HTTPStatusCode"].should.equal(403)
     ex.exception.response["Error"]["Message"].should.equal(
         "User: arn:aws:iam::{account_id}:user/{user_name} is not authorized to perform: {operation}".format(
-            account_id=ACCOUNT_ID, user_name=user_name, operation="ec2:RunInstances"
+            account_id=ACCOUNT_ID, user_name=user_name, operation="ec2:DescribeInstances"
         )
     )