AWS omics medium security documentation change
Summary
Added a link to documentation about Amazon ECR repository policies for cross-account workflows
Security assessment
The change explicitly references cross-account permissions policies, which are critical for secure resource sharing. Misconfigured permissions could lead to unauthorized access, making this a security-related documentation improvement.
Diff
diff --git a/omics/latest/dev/workflows-ecr.md b/omics/latest/dev/workflows-ecr.md index 4f464b278..0e1a03320 100644 --- a//omics/latest/dev/workflows-ecr.md +++ b//omics/latest/dev/workflows-ecr.md @@ -11 +11 @@ Before you create a private workflow, you create a container image for your work -Container image Amazon ECR repository must reside in the same AWS Region as the account calling the service. A different AWS account can own the container image, as long as the source image repository provides appropriate permissions. +Container image Amazon ECR repository must reside in the same AWS Region as the account calling the service. A different AWS account can own the container image, as long as the source image repository provides appropriate permissions. For more information, see [Amazon Elastic Container Registry repository policies for shared workflows](https://docs.aws.amazon.com/omics/latest/dev/permissions-resource.html#permissions-cross-account).