diff --git a/lms/djangoapps/instructor/permissions.py b/lms/djangoapps/instructor/permissions.py
index a3c9e779d5..11d1cb7554 100644
--- a/lms/djangoapps/instructor/permissions.py
+++ b/lms/djangoapps/instructor/permissions.py
@@ -7,9 +7,11 @@ from courseware.rules import HasAccessRule
 
 ALLOW_STUDENT_TO_BYPASS_ENTRANCE_EXAM = 'instructor.allow_student_to_bypass_entrance_exam'
 ASSIGN_TO_COHORTS = 'instructor.assign_to_cohorts'
+EDIT_COURSE_ACCESS = 'instructor.edit_course_access'
 VIEW_ISSUED_CERTIFICATES = 'instructor.view_issued_certificates'
 
 
 perms[ALLOW_STUDENT_TO_BYPASS_ENTRANCE_EXAM] = HasAccessRule('staff')
 perms[ASSIGN_TO_COHORTS] = HasAccessRule('staff')
+perms[EDIT_COURSE_ACCESS] = HasAccessRule('instructor')
 perms[VIEW_ISSUED_CERTIFICATES] = HasAccessRule('staff')
diff --git a/lms/djangoapps/instructor/views/api.py b/lms/djangoapps/instructor/views/api.py
index b23c54f7e7..c54f369536 100644
--- a/lms/djangoapps/instructor/views/api.py
+++ b/lms/djangoapps/instructor/views/api.py
@@ -151,6 +151,7 @@ from .tools import (
 from ..permissions import (
     ALLOW_STUDENT_TO_BYPASS_ENTRANCE_EXAM,
     ASSIGN_TO_COHORTS,
+    EDIT_COURSE_ACCESS,
     VIEW_ISSUED_CERTIFICATES,
 )
 
@@ -906,7 +907,7 @@ def bulk_beta_modify_access(request, course_id):
 @require_POST
 @ensure_csrf_cookie
 @cache_control(no_cache=True, no_store=True, must_revalidate=True)
-@require_level('instructor')
+@require_course_permission(EDIT_COURSE_ACCESS)
 @require_post_params(
     unique_student_identifier="email or username of user to change access",
     rolename="'instructor', 'staff', 'beta', or 'ccx_coach'",