From 97004266fd2f4064aec1ddf28ca9db7532d67322 Mon Sep 17 00:00:00 2001
From: Sourav Kundu <skundu.dev@gmail.com>
Date: Wed, 27 Nov 2024 16:28:00 -0600
Subject: [PATCH] fix for CKV_AWS_355

---
 deploy/ecs_iam_roles.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deploy/ecs_iam_roles.tf b/deploy/ecs_iam_roles.tf
index 6f48433..0401af3 100644
--- a/deploy/ecs_iam_roles.tf
+++ b/deploy/ecs_iam_roles.tf
@@ -92,7 +92,7 @@ resource "aws_iam_policy" "ecr_access_policy" {
           "ecr:GetDownloadUrlForLayer",
           "ecr:BatchGetImage"
         ]
-        Resource = "*"
+        Resource = "arn:aws:ecr:${var.region}:${local.ecr_hosting_account}:repository/*"
       },
       {
         Effect = "Allow"