AWS AmazonECR documentation change
Summary
Added information about repository creation templates for settings replication
Security assessment
Documents security-related repository settings replication (encryption, permissions) but does not address a specific security vulnerability.
Diff
diff --git a/AmazonECR/latest/userguide/replication.md b/AmazonECR/latest/userguide/replication.md index d0e221bb3..7c9081601 100644 --- a//AmazonECR/latest/userguide/replication.md +++ b//AmazonECR/latest/userguide/replication.md @@ -52 +52 @@ The following should be considered when using private image replication. - * Repository settings aren't replicated. The tag immutability, image scanning, and KMS encryption settings are disabled by default on all repositories created because of a replication action. The tag immutability and image scanning setting can be changed after the repository is created. However, the setting only applies to images pushed after the setting has changed. + * Repository settings aren't replicated by default, you can replicate the repository settings using repository creation templates. These settings include tag mutability, encryption, repository permissions, and lifecycle policies. For more information about repository creation templates, see [Templates to control repositories created during a pull through cache or replication action](./repository-creation-templates.html).