Cross-Account Access for Containerized Applications on ECS: using Amazon ECR policy

Q: How to share Docker images from different AWS accounts / Regions

eg diag above:

1. Either our images are in different accounts that we need to deploy together

we are fetching one image from vendor's account and two images from customer's account and deploying it together to AWS ECS inside VPC using Azure CLI.

2. Either we have different accounts for dev, uat, prod and we need to deploy our ECR images to AWS ECS inside VPC.

Sol: Use ECR Repository Policies to allow cross-account access to pull images.