diff --git a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml
index 399562f08bade..197c394aea85d 100644
--- a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml
+++ b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml
@@ -537,6 +537,10 @@ Resources:
             Effect: Allow
             Principal:
               Service: cloudformation.amazonaws.com
+            Condition:
+              StringEquals:
+                aws:SourceAccount:
+                  Ref: AWS::AccountId
         Version: '2012-10-17'
       ManagedPolicyArns:
         Fn::If: