Amazon ECR
User Guide (API Version 2015-09-21)

Creating Amazon ECR IAM Policies

You can create specific IAM policies to restrict the calls and resources that users in your account have access to, and then attach those policies to IAM users.

When you attach a policy to a user or group of users, it allows or denies the users permission to perform the specified tasks on the specified resources. For more general information about IAM policies, see Permissions and Policies in the IAM User Guide. For more information about managing and creating custom IAM policies, see Managing IAM Policies.

To create an IAM policy for a user

  1. Open the IAM console at

  2. In the navigation pane, choose Policies, Create Policy.

  3. In the Create Policy section, choose Select next to Create Your Own Policy.

  4. For Policy Name, type your own unique name, such as AmazonECRUserPolicy.

  5. For Policy Document, paste the policy to apply to the user. Examples are provided in the sections below.

  6. Choose Create Policy to finish.

To attach an IAM policy to a user

  1. Open the IAM console at

  2. In the navigation pane, choose Users and then choose the user to attach the policy to.

  3. In the Permissions tab, choose Attach Policy.

  4. In the Attach Policy section, select the custom policy you created in the previous procedure and then choose Attach Policy.