AWS Security ChangesHomeSearch

AWS AmazonECR medium security documentation change

Service: AmazonECR · 2025-10-25 · Security-related medium

File: AmazonECR/latest/userguide/ecr-requests.md

Summary

Added JSON policy example restricting ECR actions by IP address range

Security assessment

The added policy demonstrates IP-based access control, which is a security feature limiting access to specific network ranges. This directly relates to securing ECR resources.

Diff

diff --git a/AmazonECR/latest/userguide/ecr-requests.md b/AmazonECR/latest/userguide/ecr-requests.md
index 41dbb9395..214ef8dcd 100644
--- a//AmazonECR/latest/userguide/ecr-requests.md
+++ b//AmazonECR/latest/userguide/ecr-requests.md
@@ -115,0 +116,24 @@ IAM policies that filter IP addresses use [IP Address Condition Operators](https
+JSON
+    
+
+****
+    
+    
+    
+    {
+      "Version":"2012-10-17",		 	 	 
+      "Statement": [
+        {
+          "Sid": "IPAllow",
+          "Effect": "Allow",
+          "Principal": "*",
+          "Action": "ecr:*",
+          "Resource": "arn:aws:ecr:*:*:repository/exampleregistry/*",
+          "Condition": {
+             "IpAddress": {"aws:SourceIp": "54.240.143.0/24"}
+          } 
+        } 
+      ]
+    }
+    
+