AWS AmazonECR documentation change
Summary
Added JSON policy example for repository access control
Security assessment
Demonstrates repository-level permissions but does not address a specific security issue
Diff
diff --git a/AmazonECR/latest/userguide/repository-policies.md b/AmazonECR/latest/userguide/repository-policies.md index 126895fcc..2735d6557 100644 --- a//AmazonECR/latest/userguide/repository-policies.md +++ b//AmazonECR/latest/userguide/repository-policies.md @@ -35,0 +36,24 @@ This example shows an Amazon ECR repository policy, which allows for a specific +JSON + + +**** + + + + { + "Version":"2012-10-17", + "Statement": [ + { + "Sid": "ECRRepositoryPolicy", + "Effect": "Allow", + "Principal": {"AWS": "arn:aws:iam::111122223333:user/username"}, + "Action": [ + "ecr:DescribeImages", + "ecr:DescribeRepositories" + ], + "Resource": "*" + } + ] + } + +