Skip to content

SLK-99566 - Remove ECR Push Permissions from AWS CF Onboarding#19

Merged
semyonmor merged 1 commit intomainfrom
idan-SLK-99566_main
Sep 16, 2025
Merged

SLK-99566 - Remove ECR Push Permissions from AWS CF Onboarding#19
semyonmor merged 1 commit intomainfrom
idan-SLK-99566_main

Conversation

@idanch4
Copy link
Copy Markdown
Contributor

@idanch4 idanch4 commented Aug 20, 2025

removed the following permissions from all cloud formation stacks:

  • "ecr:PutImage"
  • "ecr:InitiateLayerUpload"
  • "ecr:UploadLayerPart"
  • "ecr:CompleteLayerUpload"

all relevant places:

  • single deployment module
  • organization deploys stack from S3 which is defined in autoconnect project.

Push permissions are not required by Aqua and are also not wanted by customers, and since no usage was found for them they are removed here.

@idanchAqua
SLK-99566 - Remove ECR Push Permissions from AWS CF Onboarding
a3ee462 
removed the following permissions from all cloud formation stacks:
- "ecr:PutImage"
- "ecr:InitiateLayerUpload"
- "ecr:UploadLayerPart"
- "ecr:CompleteLayerUpload"

all relevant places:
- single deployment module

* organization deploys stack from S3 which is defined in autoconnect project.

Push permissions are not required by Aqua and are also not wanted by
customers, and since no usage was found for them they are removed here.
@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Aug 20, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

Idan Chernihov seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Aug 20, 2025

Terraform Validation Results:

Terraform Format Check ✅
Terraform Init ✅
Terraform Validate ✅
Terraform Test ✅
TFLint Check ✅

Pusher: @idanch4, Action: pull_request, Workflow: PR Checks

@idanch4 idanch4 marked this pull request as ready for review September 16, 2025 11:59
@semyonmor semyonmor merged commit e7598f2 into main Sep 16, 2025
4 of 5 checks passed
@semyonmor semyonmor deleted the idan-SLK-99566_main branch September 16, 2025 12:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@semyonmor semyonmor semyonmor approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@idanch4 @CLAassistant @semyonmor @idanchAqua