AWS > ECR >

ECR Repository Policy

LOW

Source

CloudSploit

ecr-repository-policy

management console

ECR Repository Policy

Ensures ECR repository policies do not enable global or public access to images

ECR repository policies should limit access to images to known IAM entities and AWS accounts and avoid the use of account-level wildcards.

Recommended Actions

Update the repository policy to limit access to known IAM entities.

Links

https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.