From 84d4e4a604db535bf759f22bb2c28cc25f71f127 Mon Sep 17 00:00:00 2001 From: Sergio Garcia <38561120+sergargar@users.noreply.github.com> Date: Mon, 4 Nov 2024 10:47:49 -0600 Subject: [PATCH] fix(aws): solve invalid ECR Registry ARN (#5622) --- prowler/providers/aws/services/ecr/ecr_service.py | 2 +- tests/providers/aws/services/ecr/ecr_service_test.py | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/prowler/providers/aws/services/ecr/ecr_service.py b/prowler/providers/aws/services/ecr/ecr_service.py index b141de811ea..bcbfeb532fa 100644 --- a/prowler/providers/aws/services/ecr/ecr_service.py +++ b/prowler/providers/aws/services/ecr/ecr_service.py @@ -58,7 +58,7 @@ def _describe_registries_and_repositories(self, regional_client): # The default ECR registry is assumed self.registries[regional_client.region] = Registry( id=self.registry_id, - arn=f"arn:{self.audited_partition}:ecr:{regional_client.region}:registry/{self.registry_id}", + arn=f"arn:{self.audited_partition}:ecr:{regional_client.region}:{self.audited_account}:registry/{self.registry_id}", region=regional_client.region, repositories=regional_registry_repositories, ) diff --git a/tests/providers/aws/services/ecr/ecr_service_test.py b/tests/providers/aws/services/ecr/ecr_service_test.py index a8aec1b0753..59957b03a1a 100644 --- a/tests/providers/aws/services/ecr/ecr_service_test.py +++ b/tests/providers/aws/services/ecr/ecr_service_test.py @@ -203,6 +203,10 @@ def test_describe_registries_and_repositories(self): assert len(ecr.registries) == 1 assert ecr.registries[AWS_REGION_EU_WEST_1].id == AWS_ACCOUNT_NUMBER + assert ( + ecr.registries[AWS_REGION_EU_WEST_1].arn + == f"arn:aws:ecr:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:registry/{AWS_ACCOUNT_NUMBER}" + ) assert ecr.registries[AWS_REGION_EU_WEST_1].region == AWS_REGION_EU_WEST_1 assert len(ecr.registries[AWS_REGION_EU_WEST_1].repositories) == 1