Aqua CSPM

ECR Repository Policy

Quick Info

Plugin TitleECR Repository Policy
CloudAWS
CategoryECR
DescriptionEnsures ECR repository policies do not enable global or public access to images
More InfoECR repository policies should limit access to images to known IAM entities and AWS accounts and avoid the use of account-level wildcards.
AWS Linkhttps://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html
Recommended ActionUpdate the repository policy to limit access to known IAM entities.

Detailed Remediation Steps