pacu icon indicating copy to clipboard operation
pacu copied to clipboard

Published 20 hours ago verified publisher icon RhinoSecurityLabs

Discover AWS elastic container registry permissions

Open saryx123 opened this issue 5 years ago • 1 comments

The following permissions are not being discovered via bruteforce;

"Effect": "Allow", "Action": "ecr:GetAuthorizationToken"

as well as

"Effect": "Allow", "Action": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:GetRepositoryPolicy", "ecr:DescribeRepositories", "ecr:ListImages", "ecr:DescribeImages", "ecr:BatchGetImage", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:PutImage"

and probably others.

Consider in development roadmap.

-Alex

saryx123 avatar Nov 05 '18 10:11 saryx123

Thanks Alex, right now that module only supports S3 and EC2, but we are hoping to continue adding services in the future. I'll update this issue when that happens, although I'm not exactly sure when that may be.

SpenGietz avatar Dec 07 '18 17:12 SpenGietz