Description
Description
Deploying an API that uses an ECR image from a different AWS account that the current AWS account has access to is currently not permitted. That's because we only allow for ECR images that only belong to the current AWS account. It doesn't take into consideration ECR images that were shared with another AWS account.
This can lead to errors like this:
cortex.exceptions.CortexBinaryException: error: .cortex.yaml: iris-classifier (RealtimeAPI): predictor: image: registry account ID (XXXXX) doesn't match your AWS account ID (YYYYY), and using an ECR registry in a different AWS account is not supported
Solution
At the very least, eliminate the check that verifies if the ECR image is under the same AWS account or not. The best solution is to check if the AWS user really does have access to the ECR image (checking policies, trying to inspect the image, etc).