diff --git a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizableOperation.java b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizableOperation.java
index 2013b4f28e..9fc85cadcd 100644
--- a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizableOperation.java
+++ b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizableOperation.java
@@ -113,6 +113,7 @@ public enum PolarisAuthorizableOperation {
   LOAD_TABLE(TABLE_READ_PROPERTIES),
   LOAD_TABLE_WITH_READ_DELEGATION(TABLE_READ_DATA),
   LOAD_TABLE_WITH_WRITE_DELEGATION(TABLE_WRITE_DATA),
+  UPDATE_TABLE_ONLY_ADD_SNAPSHOT(TABLE_WRITE_PROPERTIES),
   UPDATE_TABLE(TABLE_WRITE_PROPERTIES),
   UPDATE_TABLE_FOR_STAGED_CREATE(TABLE_CREATE),
   DROP_TABLE_WITHOUT_PURGE(TABLE_DROP),
diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
index beb5c0f649..30146e41b9 100644
--- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
+++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java
@@ -804,7 +804,11 @@ private UpdateTableRequest applyUpdateFilters(UpdateTableRequest request) {
 
   public LoadTableResponse updateTable(
       TableIdentifier tableIdentifier, UpdateTableRequest request) {
-    PolarisAuthorizableOperation op = PolarisAuthorizableOperation.UPDATE_TABLE;
+    boolean isOnlyAddSnapshot = request.updates().stream()
+        .allMatch(update -> update instanceof MetadataUpdate.AddSnapshot);
+    PolarisAuthorizableOperation op = isOnlyAddSnapshot 
+        ? PolarisAuthorizableOperation.UPDATE_TABLE_ONLY_ADD_SNAPSHOT
+        : PolarisAuthorizableOperation.UPDATE_TABLE;
     authorizeBasicTableLikeOperationOrThrow(
         op, PolarisEntitySubType.ICEBERG_TABLE, tableIdentifier);