diff --git a/packages/@aws-cdk/aws-ecr/lib/repository.ts b/packages/@aws-cdk/aws-ecr/lib/repository.ts
index 1043970e0f052..bf5046b59abc8 100644
--- a/packages/@aws-cdk/aws-ecr/lib/repository.ts
+++ b/packages/@aws-cdk/aws-ecr/lib/repository.ts
@@ -53,7 +53,7 @@ export class Repository extends RepositoryRef {
         const resource = new cloudformation.RepositoryResource(this, 'Resource', {
             repositoryName: props.repositoryName,
             // It says "Text", but they actually mean "Object".
-            repositoryPolicyText: this.policyDocument,
+            repositoryPolicyText: new cdk.Token(() => this.policyDocument),
             lifecyclePolicy: new cdk.Token(() => this.renderLifecyclePolicy()),
         });
 
diff --git a/packages/@aws-cdk/aws-ecr/test/test.repository.ts b/packages/@aws-cdk/aws-ecr/test/test.repository.ts
index 3b4f6c4abf211..6ee31a2075c68 100644
--- a/packages/@aws-cdk/aws-ecr/test/test.repository.ts
+++ b/packages/@aws-cdk/aws-ecr/test/test.repository.ts
@@ -160,6 +160,30 @@ export = {
             'Fn::ImportValue': 'RepoRepositoryArn7F2901C9'
         });
 
+        test.done();
+    },
+
+    'resource policy'(test: Test) {
+        // GIVEN
+        const stack = new cdk.Stack();
+        const repo = new ecr.Repository(stack, 'Repo');
+
+        // WHEN
+        repo.addToResourcePolicy(new cdk.PolicyStatement().addAction('*'));
+
+        // THEN
+        expect(stack).to(haveResource('AWS::ECR::Repository', {
+            RepositoryPolicyText: {
+                Statement: [
+                    {
+                        Action: "*",
+                        Effect: "Allow"
+                    }
+                ],
+                Version: "2012-10-17"
+            },
+        }));
+
         test.done();
     }
 };