Elastic Container Registry (ECR)

ECR is described as a fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images (https://aws.amazon.com/ecr/). The permissions model that it uses can allow for some nasty misconfigurations if a repository isn't set up correctly, mainly because, by design, ECR repositories can be made public or shared with other accounts. This means that, even if we only have a small amount of access, a misconfigured repository could grant us large amounts of access to an environment, depending on what is stored in the Docker images it is hosting.

If we are targeting public repositories in another account, then the main piece of information we need is the ...

Get Hands-On AWS Penetration Testing with Kali Linux now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.