AWS Security ChangesHomeSearch

AWS whitepapers documentation change

Service: whitepapers · 2025-10-25 · Documentation low

File: whitepapers/latest/build-secure-enterprise-ml-platform/container-repository-management.md

Summary

Removed an example ECR repository policy granting cross-account access to SageMaker.

Security assessment

This is likely documentation restructuring. The removed example was not explicitly insecure, and there is no indication the change addresses a vulnerability.

Diff

diff --git a/whitepapers/latest/build-secure-enterprise-ml-platform/container-repository-management.md b/whitepapers/latest/build-secure-enterprise-ml-platform/container-repository-management.md
index 4950a086d..4dbb692ea 100644
--- a//whitepapers/latest/build-secure-enterprise-ml-platform/container-repository-management.md
+++ b//whitepapers/latest/build-secure-enterprise-ml-platform/container-repository-management.md
@@ -56,23 +55,0 @@ For example, the following policy establishes access to ECR repository by a prin
-    
-    {
-      "Version": "2008-10-17",
-      "Statement": [
-        {
-          "Sid": "SagemakerECRRepo",
-          "Effect": "Allow",
-          "Principal": {
-            "AWS": "<AWS_SageMaker_Principal_ARN in other account>"
-          },
-          "Action": [
-            "ecr:GetDownloadUrlForLayer",
-            "ecr:BatchGetImage",
-            "ecr:BatchCheckLayerAvailability",
-            "ecr:PutImage",
-            "ecr:InitiateLayerUpload",
-            "ecr:UploadLayerPart",
-            "ecr:CompleteLayerUpload"
-          ]
-        }
-      ]
-    }
-