forked from 9652040795/aws-policies
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathecr-policy
More file actions
33 lines (31 loc) · 1.27 KB
/
ecr-policy
File metadata and controls
33 lines (31 loc) · 1.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# https://github.com/awsdocs/amazon-ecr-user-guide/blob/master/doc_source/ecr_managed_policies.md
# https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html
# https://github.com/marketplace/actions/docker-ecr
# This managed policy allows power user access to Amazon ECR, which allows read and write access to repositories, but does not allow users to delete repositories or change the policy documents applied to them.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:DescribeImages",
"ecr:BatchGetImage",
"ecr:GetLifecyclePolicy",
"ecr:GetLifecyclePolicyPreview",
"ecr:ListTagsForResource",
"ecr:DescribeImageScanFindings",
"ecr:InitiateLayerUpload",
"ecr:UploadLayerPart",
"ecr:CompleteLayerUpload",
"ecr:PutImage"
],
"Resource": "*"
}
]
}