diff --git a/README.md b/README.md
index 950a50b..df86be2 100644
--- a/README.md
+++ b/README.md
@@ -7,9 +7,10 @@ You may set common options and override them on a per-repository basis with an e
 Lambda ARNS must be declared in a separate list that can only be defined at a per-repository level. This adds additional permissions that allow Lambda to access ECR repositories to use as a runtime container.
+ecr_prefix must be provided. This is to provide some logical separation of ECR repositories. This should typically be the name of the tenant or team.
+
 ## Expected YAML config with Explanations
 ```
-tenant: #This is used as a prefix for your ECR repo. i.e. /
 common_options: # These are common options that can be re-used by all of your ECR repositories
 create_lifecycle_policy: true # Defaults to false. If set to true you will need to specify repository_lifecycle_policy - this is done via filepath to a json file
 repository_lifecycle_policy: ./policies/example_common_repo_lifecycle_policy.json
@@ -35,7 +36,10 @@ common_options: # These are common options that can be re-used by all of your EC
 - "ecr:GetRepositoryPolicy"
 - "ecr:ListImages"
 - "ecr:ListTagsForResource"
- resources: ["*"]
+ principals:
+ wildcard:
+ type: "*"
+ identifiers: ["*"]
 effect: Allow
 conditions:
 - orgMatch:
@@ -87,7 +91,8 @@ No resources.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [ecr\_config](#input\_ecr\_config) | PAth to YAML file that contains ECR repositories | `any` | n/a | yes |
+| [ecr\_config](#input\_ecr\_config) | Path to YAML file that contains ECR repositories | `any` | n/a | yes |
+| [ecr\_prefix](#input\_ecr\_prefix) | This is used to provide logical separation of ECR repositories. This will most likely be the name of the tenant or team | `string` | n/a | yes |
 | [tags](#input\_tags) | n/a | `map(string)` | `{}` | no |
 ## Outputs
diff --git a/example/example-terraform.tf b/example/example-terraform.tf
index affe56e..86230c0 100644
--- a/example/example-terraform.tf
+++ b/example/example-terraform.tf
@@ -1,6 +1,7 @@
 module "ecr_repos" {
 source = "../"
-
+
+ ecr_prefix = "example-tenant"
 ecr_config = yamldecode(file("./example_repos.yaml"))
 tags = {
diff --git a/example/example-terragrunt.hcl b/example/example-terragrunt.hcl
index ae50635..f002fec 100644
--- a/example/example-terragrunt.hcl
+++ b/example/example-terragrunt.hcl
@@ -3,7 +3,8 @@ terraform {
 }
 inputs = {
- association_config = yamldecode(file("./example_repos.yaml"))
+ ecr_prefix = "example-tenant"
+ ecr_config = yamldecode(file("./example_repos.yaml"))
 tags = {
 cost-centre = "..."
diff --git a/example/example_repos.yaml b/example/example_repos.yaml
index 8b1deac..a26cd92 100644
--- a/example/example_repos.yaml
+++ b/example/example_repos.yaml
@@ -1,4 +1,3 @@
-tenant: #This is used as a prefix for your ECR repo. i.e. /
 common_options: # These are common options that can be re-used by all of your ECR repositories
 create_lifecycle_policy: true # Defaults to false. If set to true you will need to specify repository_lifecycle_policy - this is done via filepath to a json file
 repository_lifecycle_policy: ./policies/example_common_repo_lifecycle_policy.json
@@ -24,8 +23,10 @@ common_options: # These are common options that can be re-used by all of your EC
 - "ecr:GetRepositoryPolicy"
 - "ecr:ListImages"
 - "ecr:ListTagsForResource"
- resources: ["*"]
- effect: Allow
+ principals:
+ wildcard:
+ type: "*"
+ identifiers: ["*"]
 conditions:
 - orgMatch:
 test: "StringLike"
diff --git a/main.tf b/main.tf
index ef693a3..aadfcd7 100644
--- a/main.tf
+++ b/main.tf
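Review bot: `effect: Allow` is removed from the example statement in this hunk, while the README hunk in the same commit keeps it as context, so the two reference configs no longer describe the same statement shape; unless the module defaults the effect (not visible in this diff) the example stops rendering a valid statement, and either way README and example should agree. The new `principals` block grants the listed `ecr:` actions to every AWS principal (`type: "*"`, `identifiers: ["*"]`), which makes the `orgMatch` condition that follows the only thing keeping the repository policy scoped to the organization, and a reader copying the example has no hint of that. A comment above `principals:` such as `# "*" principals grant every AWS account; the orgMatch condition below is the only scope limit on this statement — keep them together` would make the dependency explicit. The enclosing statement block starts before this hunk.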
@@ -4,7 +4,7 @@ module "ecr" {
 for_each = try(var.ecr_config.repo_list, {})
- repository_name = "${var.ecr_config.tenant}/${each.key}"
+ repository_name = "${var.ecr_prefix}/${each.key}"
 repository_type = "private"
 create_lifecycle_policy = try(each.value.create_lifecycle_policy, var.ecr_config.common_options.create_lifecycle_policy, false)
diff --git a/variables.tf b/variables.tf
index 1d85f04..f0e0b7c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,6 +1,11 @@
+variable "ecr_prefix" {
+ type = string
+ description = "This is used to provide logical separation of ECR repositories. This will most likely be the name of the tenant or team"
+}
+
 variable "ecr_config" {
 type = any
- description = "PAth to YAML file that contains ECR repositories"
+ description = "Path to YAML file that contains ECR repositories"
 }
 variable "tags" {
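Review bot: A `tenant:` key still present in a caller's YAML is now silently ignored by `repository_name`, and since `ecr_prefix` is required, any caller who sets it to a value other than their old `tenant` renames every repository in `repo_list`; if the underlying `ecr` module feeds this into `aws_ecr_repository`'s `name` (not visible here), that rename is a replacement, which would drop the stored images on apply. Nothing in the diff warns about this migration, so at minimum a comment on the changed line, e.g. `# ecr_prefix replaces the former ecr_config.tenant key; a stale tenant: entry is ignored, and changing the prefix renames (likely replaces) every repository`, and a matching note in the README are warranted. The `module "ecr"` block starts before this hunk.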
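Review bot: `ecr_prefix` is interpolated straight into `repository_name` in main.tf but the new variable has no `validation` block, so an empty string, a leading or trailing slash, or uppercase characters only surface as an ECR API error at apply time rather than at plan. Validating the prefix against the character rules ECR applies to repository names catches this early and gives the caller a readable message. The corrected `ecr_config` description is also still inaccurate: the examples pass `yamldecode(file(...))` and main.tf reads `var.ecr_config.repo_list` and `var.ecr_config.common_options`, so the variable holds the decoded configuration, not a path — `description = "Decoded ECR configuration (e.g. yamldecode(file(...))) containing repo_list and common_options"`.
```hcl
variable "ecr_prefix" {
  type        = string
  description = "This is used to provide logical separation of ECR repositories. This will most likely be the name of the tenant or team"

  validation {
    # Same character rules ECR applies to repository names; the prefix becomes the
    # namespace part of "<prefix>/<repo>", so it must not start or end with "/".
    condition     = can(regex("^[a-z0-9]+(?:[._-][a-z0-9]+)*(?:/[a-z0-9]+(?:[._-][a-z0-9]+)*)*$", var.ecr_prefix))
    error_message = "ecr_prefix must be lowercase letters/digits with optional ._- separators and internal slashes, with no leading or trailing slash."
  }
}
```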