Service: Amazon Elastic Container Registry
Short Name:
ecr
ARN Format:
arn:aws:ecr:${Region}:${Account}:repository/${RepositoryName}ARN Regex:
^arn:aws:ecr:.+ReadOnlyAccess
…
AWSConfigRoleAction | Access | Reference | Description |
|---|---|---|---|
| ecr:DescribeImages | Docs | Grants permission to get metadata about the images in a repository, including image size, image tags, and creation date | |
| ecr:DescribePullThroughCacheRules | Docs | Grants permission to describe the pull-through cache rules | |
| ecr:ListImages | Docs | Grants permission to list all the image IDs for a given repository | |
| ecr:DeleteRegistryPolicy | Docs | Grants permission to delete the registry policy | |
| ecr:DeleteRepositoryPolicy | Docs | Grants permission to delete the repository policy from a specified repository | |
| ecr:PutRegistryPolicy | Docs | Grants permission to update the registry policy | |
| ecr:SetRepositoryPolicy | Docs | Grants permission to apply a repository policy on a specified repository to control access permissions | |
| ecr:BatchCheckLayerAvailability | Docs | Grants permission to check the availability of multiple image layers in a specified registry and repository | |
| ecr:BatchGetImage | Docs | Grants permission to get detailed information for specified images within a specified repository | |
| ecr:BatchGetRepositoryScanningConfiguration | Docs | Grants permission to retrieve repository scanning configuration for a list of repositories | |
| ecr:DescribeImageReplicationStatus | Docs | Grants permission to retrieve replication status about an image in a registry, including failure reason if replication fails | |
| ecr:DescribeImageScanFindings | Docs | Grants permission to describe the image scan findings for the specified image | |
| ecr:DescribeRegistry | Docs | Grants permission to describe the registry settings | |
| ecr:DescribeRepositories | Docs | Grants permission to describe image repositories in a registry | |
| ecr:DescribeRepositoryCreationTemplate | Docs | Grants permission to describe the repository creation template | |
| ecr:GetAuthorizationToken | Docs | Grants permission to retrieve a token that is valid for a specified registry for 12 hours | |
| ecr:GetDownloadUrlForLayer | Docs | Grants permission to retrieve the download URL corresponding to an image layer | |
| ecr:GetLifecyclePolicy | Docs | Grants permission to retrieve the specified lifecycle policy | |
| ecr:GetLifecyclePolicyPreview | Docs | Grants permission to retrieve the results of the specified lifecycle policy preview request | |
| ecr:GetRegistryPolicy | Docs | Grants permission to retrieve the registry policy | |
| ecr:GetRegistryScanningConfiguration | Docs | Grants permission to retrieve registry scanning configuration | |
| ecr:GetRepositoryPolicy | Docs | Grants permission to retrieve the repository policy for a specified repository | |
| ecr:ListTagsForResource | Docs | Grants permission to list the tags for an Amazon ECR resource | |
| ecr:ValidatePullThroughCacheRule | Docs | Grants permission to validate the pull-through cache rule | |
| ecr:TagResource | Docs | Grants permission to tag an Amazon ECR resource | |
| ecr:UntagResource | Docs | Grants permission to untag an Amazon ECR resource | |
| ecr:BatchDeleteImage | Docs | Grants permission to delete a list of specified images within a specified repository | |
| ecr:BatchImportUpstreamImage | Docs | Grants permission to retrieve the image from the upstream registry and import it to your private registry | |
| ecr:CompleteLayerUpload | Docs | Grants permission to inform Amazon ECR that the image layer upload for a specified registry, repository name, and upload ID, has completed | |
| ecr:CreatePullThroughCacheRule | Docs | Grants permission to create new pull-through cache rule | |
| ecr:CreateRepository | Docs | Grants permission to create an image repository | |
| ecr:CreateRepositoryCreationTemplate | Docs | Grants permission to create the repository creation template | |
| ecr:DeleteLifecyclePolicy | Docs | Grants permission to delete the specified lifecycle policy | |
| ecr:DeletePullThroughCacheRule | Docs | Grants permission to delete the pull-through cache rule | |
| ecr:DeleteRepository | Docs | Grants permission to delete an existing image repository | |
| ecr:DeleteRepositoryCreationTemplate | Docs | Grants permission to delete the repository creation template | |
| ecr:InitiateLayerUpload | Docs | Grants permission to notify Amazon ECR that you intend to upload an image layer | |
| ecr:PutImage | Docs | Grants permission to create or update the image manifest associated with an image | |
| ecr:PutImageScanningConfiguration | Docs | Grants permission to update the image scanning configuration for a repository | |
| ecr:PutImageTagMutability | Docs | Grants permission to update the image tag mutability settings for a repository | |
| ecr:PutLifecyclePolicy | Docs | Grants permission to create or update a lifecycle policy | |
| ecr:PutRegistryScanningConfiguration | Docs | Grants permission to update registry scanning configuration | |
| ecr:PutReplicationConfiguration | Docs | Grants permission to update the replication configuration for the registry | |
| ecr:ReplicateImage | Docs | Grants permission to replicate images to the destination registry | |
| ecr:StartImageScan | Docs | Grants permission to start an image scan | |
| ecr:StartLifecyclePolicyPreview | Docs | Grants permission to start a preview of the specified lifecycle policy | |
| ecr:UpdatePullThroughCacheRule | Docs | Grants permission to update the pull-through cache rule | |
| ecr:UploadLayerPart | Docs | Grants permission to upload an image layer part to Amazon ECR |
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysecr:ResourceTag/${TagKey}