RegisterPullTimeUpdateExclusion
Adds an IAM principal to the pull time update exclusion list for a registry. Amazon ECR will not record the pull time if an excluded principal pulls an image.
Request Syntax
{
"principalArn": "string"
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- principalArn
-
The ARN of the IAM principal to exclude from having image pull times recorded.
Type: String
Length Constraints: Maximum length of 200.
Pattern:
^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$Required: Yes
Response Syntax
{
"createdAt": number,
"principalArn": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- createdAt
-
The date and time, expressed in standard JavaScript date format, when the exclusion was created.
Type: Timestamp
- principalArn
-
The ARN of the IAM principal that was added to the pull time update exclusion list.
Type: String
Length Constraints: Maximum length of 200.
Pattern:
^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$
Errors
For information about the errors that are common to all actions, see Common Errors.
- ExclusionAlreadyExistsException
-
The specified pull time update exclusion already exists for the registry.
HTTP Status Code: 400
- InvalidParameterException
-
The specified parameter is invalid. Review the available parameters for the API request.
- message
-
The error message associated with the exception.
HTTP Status Code: 400
- LimitExceededException
-
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see Amazon ECR service quotas in the Amazon Elastic Container Registry User Guide.
- message
-
The error message associated with the exception.
HTTP Status Code: 400
- ServerException
-
These errors are usually caused by a server-side issue.
- message
-
The error message associated with the exception.
HTTP Status Code: 500
- ValidationException
-
There was an exception validating this request.
HTTP Status Code: 400
Examples
In the following example or examples, the Authorization header contents
(AUTHPARAMS) must be replaced with an AWS Signature Version 4
signature. For more information about creating these signatures, see Signature
Version 4 Signing Process in the
AWS General
Reference.
You only need to learn how to sign HTTP requests if you intend to manually
create them. When you use the AWS Command Line Interface (AWS CLI)
To exclude an IAM role from pull time tracking
This example adds an IAM role to the pull time update exclusion list so that Amazon ECR will not record image pull timestamps for this principal.
Sample Request
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.RegisterPullTimeUpdateExclusion
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220812Z
Authorization: AUTHPARAMS
Content-Length: 73
{
"principalArn": "arn:aws:iam::012345678910:role/ECRAccess"
}Sample Response
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 118
Connection: keep-alive
{
"principalArn": "arn:aws:iam::012345678910:role/ECRAccess",
"createdAt": "2025-11-17T22:08:12.659000+00:00"
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
