Restrict extra permissions for ECR private repo as Lambda team has co…

…nfirmed they are unnecessary (#380)

Remove the extra ECR policy actions ecr:DeleteRepositoryPolicy, ecr:GetRepositoryPolicy, and ecr:SetRepositoryPolicy from our CloudFormation template.

infrastructure/parallelcluster-ui.yaml

@@ -575,17 +575,6 @@ Resources:
             Condition:
               StringLike:
                 aws:SourceArn: !Sub arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:*
-          - Sid: ReadWriteEcrPolicy
-            Effect: Allow
-            Principal:
-              Service: !Sub lambda.${AWS::URLSuffix}
-            Action:
-              - ecr:DeleteRepositoryPolicy
-              - ecr:GetRepositoryPolicy
-              - ecr:SetRepositoryPolicy
-            Condition:
-              StringLike:
-                aws:SourceArn: !Sub arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:*
 
   ImageBuilderInstanceRole:
     Type: AWS::IAM::Role