Amazon ECR

📘 Public exposure of Amazon Elastic Container Registry (ECR) can lead to significant security threats, such as unauthorized access and data breaches. It is crucial to implement strict access controls to protect container images and related data stored in ECR from external threats.

  • Section: Public Exposure
  • Severity: Critical
  • CWE: CWE-668 Exposure of Resource to the Wrong Sphere
  • Assurance Scope: PCI, NIST, HIPPA
  • Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
  • Rule Set: Threat Modeling - Cloud Configuration Check

What’s Next