Ensure ECR repositories do not allow cross account access to accounts outside your organization
Amazon Elastic Container Registry (ECR) is a managed Docker registry service that makes it easy for DevOps teams to store, manage and deploy Docker container images. Since docker containers need to interact with other services such as Databases, apis etc, sensitive data my be contained with the docker image. For this reason it is considered a security best practice to not allow access to other accounts outside of your organization. Ensuring that it is restricted will help you with PCI-DSS and GDPR Compliance.