pacu
pacu copied to clipboard
Discover AWS elastic container registry permissions
The following permissions are not being discovered via bruteforce;
"Effect": "Allow", "Action": "ecr:GetAuthorizationToken"
as well as
"Effect": "Allow", "Action": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:GetRepositoryPolicy", "ecr:DescribeRepositories", "ecr:ListImages", "ecr:DescribeImages", "ecr:BatchGetImage", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:PutImage"
and probably others.
Consider in development roadmap.
-Alex
Thanks Alex, right now that module only supports S3 and EC2, but we are hoping to continue adding services in the future. I'll update this issue when that happens, although I'm not exactly sure when that may be.