Deployment Failures due to Missing ECR Permissions are Unclear

[ashovlin]

Describe the bug
If a user is missing permissions for the ECR actions that are required to push an image, a deployment may fail without any indication that it is permissions related.

To Reproduce
Attempt to deploy an ASP.NET project to Amazon ECS using Fargate from a profile that does not have permissions outlined in https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html

Logs
Missing ecr:PutImage:

...
85e4188ce0b6: Retrying in 2 seconds
f6f8b240d039: Retrying in 1 second
ef88254ae9f8: Retrying in 1 second
81d60a2eba3d: Retrying in 1 second
5f70bf18a086: Retrying in 1 second
85e4188ce0b6: Retrying in 1 second
EOF

Failed to push Docker Image

Added the write permissions for pushing, but missing BatchCheckLayerAvailability

...
4832fdfc801b: Waiting
bada36334461: Waiting
4e7bd47e4668: Waiting
error parsing HTTP 403 response body: unexpected end of JSON input: ""


Failed to push Docker Image

Expected behavior
It would be nice if we can check if we have appropriate permissions prior to deployment and show a helpful error if not, or at least throw a more helpful exception like we do elsewhere:

Unhandled exception.  This is a bug.  Please copy the stack trace below and file a bug at https://github.com/aws/aws-dotnet-deploy.
User: arn:aws:iam::<redacted> is not authorized to perform: cloudformation:DescribeStackEvents on resource:

Environment (please complete the following information):

• CLI Version: [eg. 1.0.0] 0.36.8
• Include the output of dotnet --info

Version:   6.0.201

• OS Info: Windows 10

---

This is a 🐛 bug report